firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: GMP component...

CVE-2025-57735 vulnerabilities

Vulnerabilities for packages: airflow...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corrupti...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...

firefox: thunderbird: Information disclosure in the Widget: Cocoa component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Widget: Cocoa component...

CVE-2025-14813

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82...

CVE-2026-40719

Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved...

CVE-2026-33343 affecting package etcd for versions less than 3.5.28-1

CVE-2026-33343 affecting package etcd for versions less than 3.5.28-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-32775 affecting package libexif for versions less than 0.6.24-2

CVE-2026-32775 affecting package libexif for versions less than 0.6.24-2. A patched version of the package is available...

GHSA-XPCF-PG52-R92G vulnerabilities

Vulnerabilities for packages: langfuse...

SUSE CVE-2025-1015

The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book,...

SUSE CVE-2026-3446

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

CVE-2026-24049 affecting package python-wheel for versions less than 0.43.0-2

CVE-2026-24049 affecting package python-wheel for versions less than 0.43.0-2. A patched version of the package is available...

squid security update

7:6.10-6.3 - Resolves: RHEL-160667 - squid: Squid: Denial of Service via crafted ICP traffic CVE-2026-32748 7:6.10-6.2 - Resolves: RHEL-160665 - squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling CVE-2026-33526...

ROS-20260414-73-0035

Vulnerability in kernel-lt related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260414-73-0024

Vulnerability in kernel-lt related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260414-73-0022

Vulnerability in kernel-lt related to lack of memory release after effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260414-73-0003

Vulnerability in kernel-lt related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

firefox: thunderbird: Privilege escalation in the Netmonitor component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Netmonitor component...

firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the CSS Parsing and Computation component...