Google Chrome < 139.0.7258.138 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 139.0.7258.138. It is, therefore, affected by a vulnerability as referenced in the 202508stable-channel-update-for-desktop19 advisory. - Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote...

Linux Distros Unpatched Vulnerability : CVE-2025-5272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort so...

Linux Distros Unpatched Vulnerability : CVE-2025-5271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability was fixed in Firefox 139 and...

Linux Distros Unpatched Vulnerability : CVE-2025-5270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

SUSE CVE-2025-5272

Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

CVE-2025-5262

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...

CVE-2025-5271

Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability affects Firefox 139 and Thunderbird 139...

DEBIAN-CVE-2025-5268

Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox 139 and Thunderbird 139...

CVE-2025-5262

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...

UBUNTU-CVE-2025-5271

Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

UBUNTU-CVE-2025-5020

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS 139...