Lucene search
K

1828 matches found

RedHat Linux
RedHat Linux
added 2026/06/22 4:5 a.m.7 views

firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References6
Redos
Redos
added 2026/06/22 12:0 a.m.5 views

ROS-20260622-73-0006

The vulnerability in Thunderbird is related to the use of an uninitialized resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.5CVSS5.9AI score0.00403EPSS
Exploits0
Redos
Redos
added 2026/06/22 12:0 a.m.5 views

ROS-20260622-73-0021

The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

9.8CVSS5.9AI score0.00439EPSS
Exploits0
Redos
Redos
added 2026/06/22 12:0 a.m.5 views

ROS-20260622-73-0005

The vulnerability in Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS6.2AI score0.00586EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox, Thunderbird

An attacker could cause the memory manager to improperly free a pointer that points to attacker-controlled memory, resulting in an assertion error, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for...

8.8CVSS6.9AI score0.00702EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When creating a callback via IPC to display the Color Picker window, multiple identical callbacks might be created at once. Eventually, all of them would be destroyed as soon as one of the callbacks is completed. This could lead to a use-after-free condition, resulting in a potentially exploitabl...

6.5CVSS6.6AI score0.00571EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When receiving rendering data via IPC mStream, it might have been destroyed during initialization, which could lead to a use-after-free condition and potentially cause a crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...

6.5CVSS6.7AI score0.00545EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When the number of cookies per domain was exceeded in document.cookie, the actual cookie jar sent to the host was no longer consistent with the expected state of the cookie jar. This could result in requests being sent with some cookies missing. This vulnerability affects Firefox 116, Firefox ESR...

7.5CVSS6.7AI score0.00614EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A clickjacking vulnerability could have been exploited to trick users into revealing their saved payment card details to a malicious page. This vulnerability has been fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...

5.4CVSS6.5AI score0.00216EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...

4.3CVSS6.7AI score0.00203EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Thunderbird, Firefox

A carefully crafted URL containing specific Unicode characters could conceal the true origin of the page, leading to a potential spoofing attack. This vulnerability was fixed in Firefox 137, Firefox ESR 128.9, Thunderbird 137, and Thunderbird 128.9...

7.3CVSS6.7AI score0.00303EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 135 and Thunderbird 135. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 136 and Thunderbird...

8.2CVSS7.9AI score0.00404EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox

jar: URLs retrieve the content of local files that are packaged in ZIP archives. The null character and everything after it were ignored when retrieving the content from the archive. However, the fake extension after the null character was used to determine the type of content. This could have be...

7.3CVSS6.9AI score0.00413EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Thunderbird, Firefox

A website could have obscured the full-screen notification by using a URL that was processed by an external program, such as a mailto URL. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 116, Firefox ESR 115.2, and Thunderbi...

6.5CVSS6.7AI score0.00657EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox

When Multi-Account Containers was enabled, DNS requests could bypass a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability was fixed in Firefox 140 and Thunderbird 140...

8.6CVSS7.5AI score0.00287EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Script elements that load cross-origin resources generated load and error events, which allowed information to be leaked and enabled XS-Leaks attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...

4.3CVSS6.6AI score0.00262EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox

Due to insufficient escaping of special characters in the “copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user’s system. This vulnerability was fixed in Firefox 138 and Thunderbird 138...

5.1CVSS6.5AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

A process isolation vulnerability in Thunderbird stems from improper handling of JavaScript URIs. This issue could allow content to execute in the process of the top-level document, rather than in the intended frame, potentially enabling a sandbox escape. This vulnerability has been fixed in...

9.1CVSS7.7AI score0.00379EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Thunderbird, Firefox

It was possible to interrupt the processing of a RegExp bailout and execute additional JavaScript code, potentially triggering garbage collection when the engine did not expect it. This vulnerability has been fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

6.5CVSS6.8AI score0.00433EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

An attacker could write data to the user’s clipboard by bypassing the user prompt during a certain sequence of navigation events. This vulnerability affects Firefox 129, Firefox ESR 128.3, and Thunderbird 128.3...

7.5CVSS7.5AI score0.00426EPSS
Exploits0References2
Rows per page
Query Builder