Astra Linux - уязвимость в firefox

A memory safety bug exists in Firefox 143 and Thunderbird 143. This bug exhibited signs of memory corruption, and we assume that with sufficient effort, this could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 144 and Thunderbird 144...

CVE-2026-0902

Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

EUVD-2025-36530

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox 144.0.2...

CVE-2025-12380

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...

UBUNTU-CVE-2025-12380

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox 144.0.2...

CVE-2025-12380 Use-after-free in WebGPU internals triggered from a compromised child process

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...

Linux Distros Unpatched Vulnerability : CVE-2025-11719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption...

thunderbird: firefox: Memory safety bugs

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corrupti...

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144...

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

EUVD-2025-34194

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

EUVD-2025-34206

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...