4293 matches found
SUSE-SU-2025:01769-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Mozilla Firefox ESR 128.11 MFSA 2025-44, bsc1243353: - MFSA-TMP-2025-0001: Double-free in libvpx encoder bmo1962421 - CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content bmo1960745 -...
firefox: thunderbird: Potential local code execution in “Copy as cURL” command
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, leading to local code execution on the user's system...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
firefox: thunderbird: Potential local code execution in “Copy as cURL” command
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, leading to local code execution on the user's system...
RHEL 8 : firefox (RHSA-2025:8308)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8308 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
AlmaLinux 8 : firefox (ALSA-2025:8308)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8308 advisory. firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local code execution ...
RHEL 9 : firefox (RHSA-2025:8293)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8293 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local code execution ...
ALSA-2025:8293 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local code execution ...
ALSA-2025:8308 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local code execution ...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow through the SRBRoot::addTag function. An attacker can corrupt memory and execute arbitrary code locally by overflowing the subtag struct. Remediation There is no fixed version for icu. References - Red Hat Bugzilla Bug -...
AZL-66147 CVE-2025-5222 affecting package icu for versions less than 68.2.0.9-2
A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
AZL-69706 CVE-2025-5222 affecting package nodejs18 for versions less than 18.20.3-10
A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
ALPINE-CVE-2025-5222
A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
UBUNTU-CVE-2025-5222
A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
CVE-2025-5265
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected. Thi...
CVE-2025-5265
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected. Thi...
CVE-2025-5264
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbir...