Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A buffer overflow vulnerability exists in Mozilla Firefox and Mozilla Thunderbird...

Windmill SQL注入漏洞

Windmill is a low-code development platform open-source by Windmill Labs, Inc. Versions of Windmill from 1.276.0 to 1.603.2 have a SQL injection vulnerability. This vulnerability stems from the owner parameter in the folder ownership management function, which allows for SQL injection attacks. It...

Semtech LR11xx LoRa 安全漏洞

Semtech LR11xx LoRa is a series of low-power wireless communication chips developed by the American company Semtech. There are security vulnerabilities in Semtech LR11xx LoRa. These vulnerabilities stem from improper access control in earlier firmware versions, which may allow attackers with...

NI LabVIEW 安全漏洞

NI LabVIEW is a graphical programming platform developed by National Instruments. Versions of NI LabVIEW prior to 2026 Q1 26.1.0 contained security vulnerabilities. These vulnerabilities stemmed from out-of-bound writing during the loading of corrupted LVCLASS files, which could lead to memory...

NI LabVIEW 安全漏洞

NI LabVIEW is a graphical programming platform developed by National Instruments. Versions of NI LabVIEW prior to 2026 Q1 26.1.0 contained security vulnerabilities. These vulnerabilities stemmed from the mgcoreSH253!alignedfree function, where out-of-bounds reading of memory led to potential...

VulnCheck KEV: CVE-2026-34621

Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...

NI LabVIEW 安全漏洞

NI LabVIEW is a graphical programming platform developed by National Instruments. Versions of NI LabVIEW prior to 2026 Q1 26.1.0 contained security vulnerabilities. These vulnerabilities were caused by an out-of-bound read operation in the sentrytransactioncontextsetoperation function, which coul...

Linux Distros Unpatched Vulnerability : CVE-2026-34444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attributefilter is not consistently applied when attributes are accessed throug...

RHEL 8 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good (RHSA-2026:6750)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6750 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

Mozilla多款产品 缓冲区错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A memory corruption vulnerability exists in multiple Mozilla products,...

KLA90972 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics can be exploited to cause denia...

PT-2026-30793

Name of the Vulnerable Software and Affected Versions HuggingFace Transformers versions prior to 5.0.0rc3 Description A flaw exists in the Trainer class within the HuggingFace Transformers library. The load rng state method, located in src/transformers/trainer.py at line 3059, utilizes torch.load...

Security Vulnerabilities fixed in Thunderbird 149.0.2 — Mozilla

Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

Security Vulnerabilities fixed in Firefox 149.0.2 — Mozilla

Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

RockyLinux 9 : freerdp (RLSA-2026:6340)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6340 advisory. freerdp: FreeRDP heap-use-after-free CVE-2026-22856 freerdp: FreeRDP heap-buffer-overflow CVE-2026-22854 freerdp: FreeRDP heap-buffer-overflow...

Mozilla -- Memory safety bugs

https://bugzilla.mozilla.org/buglist.cgi?bugid=2022369%2C2023026%2C2023545%2C2023555%2C2023958%2C2025422%2C2025468%2C2025492%2C2025505 reports: Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence o...

RHEL 10 : freerdp (RHSA-2026:6799)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6799 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

RHEL 6 : vim (RHSA-2026:6725)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6725 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via command injection in glob...

ALSA-2026:6915 Important: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via crafted swap file CVE-2026-28421 vim: Vim: Arbitrary code...