Google Chrome Use After Release Vulnerability (CNVD-2026-07245)

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from a use-after-free vulnerability that stems from Storage objects being accessed even after they have been released prematurely. An attacker could use this vulnerability to trick a user into visiting a specially craft...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

OESA-2025-2557 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: This vulnerability affects Firefox versions prior to 143 and Firefox ESR versions prior to 140.3. Specific vulnerability type and impact details require further confirmation.CVE-2025-10527 This vulnerability affects...

SUSE CVE-2025-12380

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...

Firefox -- use-after-free in the GPU or browser process

https://bugzilla.mozilla.org/showbug.cgi?id=1993113 reports: Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox...

FreeBSD : Mozilla -- Memory disclosure (f7047dfc-ad02-11f0-b2aa-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f7047dfc-ad02-11f0-b2aa-b42e991fc52e advisory. [email protected] reports: A compromised web process using malicious IPC messages could have caused...

DEBIAN-CVE-2025-11710

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

CVE-2025-11710

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

UBUNTU-CVE-2025-11710

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

CVE-2025-11710 Cross-process information leaked due to malicious IPC messages

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

Mozilla -- Memory disclosure

[email protected] reports: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...

CVE-2025-1930

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability affects Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

UBUNTU-CVE-2025-1930

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird...