CVE-2025-12080

On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTIONSENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is incorrectly implemented. Due to this misconfiguration, an attacker capable of...

EUVD-2025-36129

On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTIONSENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is incorrectly implemented. Due to this misconfiguration, an attacker capable of...

CVE-2025-12080

CVE-2025-12080 affects Google Messages for Wear OS when it is the default SMS/MMS/RCS app. The root cause is improper handling of ACTION_SENDTO intents using sms:, smsto:, mms:, and mmsto: URI schemes, enabling an attacker who can invoke an Android intent to covertly send messages on behalf of th...

PT-2025-43907

Name of the Vulnerable Software and Affected Versions Google Messages for Wear OS affected versions not specified Description A flaw exists in Google Messages for Wear OS where the handling of ACTION SENDTO intents using sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is...

Linux Distros Unpatched Vulnerability : CVE-2025-11719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption...

CVE-2025-11757 Improper Neutralization of Wildcards or Matching Symbols in CloudEdge Online Cameras and App

The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key...

SUSE CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

CVE-2025-54539

A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishing connections to untrusted AMQP servers. Malicious servers could exploit unbounded deserializatio...

EUVD-2025-34198

Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox 144 and Thunderbird 144...

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox 144 and Thunderbird 144...

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox 144 and Thunderbird 144...

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

UBUNTU-CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox 144 and Thunderbird 144...

CVE-2025-11719 Use-after-free caused by the native messaging web extension API on Windows

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

CVE-2025-11719 Use-after-free caused by the native messaging web extension API on Windows

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

CVE-2025-11719

CVE-2025-11719 affects Mozilla Firefox and Thunderbird. On Windows, use of the native messaging API by web extensions can trigger use-after-free memory corruption, leading to crashes. Affected versions: Firefox < 144 and Thunderbird

KLA89242 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions, perform cross-site scripting attack. Below is a complete list of...

PT-2025-41907

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 144 Thunderbird versions prior to 144 Description A flaw exists in Firefox and Thunderbird where the use of the native messaging API by web extensions on Windows may result in crashes due to use-after-free memory...