CVE-2026-44310

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs0 after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...

Astra Linux - уязвимость в thunderbird, firefox

The length of the certificate was not properly checked when it was added to the certificate store. In practice, only trusted data was processed. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2026-23750

Golioth Pouch 0.1.0 (prior to the fixed version) is affected by a heap-based buffer overflow in the BLE GATT server certificate handling. In server_cert_write(), a heap buffer of CONFIG_POUCH_SERVER_CERT_MAX_LEN is allocated for the first fragment, and subsequent fragments are appended via memcpy...

CLSA-2026-1772112014 openssl: Fix of CVE-2025-66199

CVE-2025-66199: validate uncompressed certificate length to prevent large pre-decompression allocation...

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

MiracleLinux 8 : thunderbird-128.7.0-1.el8_10.ML.1 (AXSA:2025-9663:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9663:03 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox:...

CLSA-2025-1765902200 opensc: Fix of CVE-2024-45619

CVE-2024-45619: fix insufficient certificate and key length validation...

EUVD-2025-1969

Malicious code in bioql PyPI...

RockyLinux 8 : firefox (RLSA-2025:1283)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1283 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox:...

RLSA-2025:1283 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-fr...

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

firefox: thunderbird: Certificate length was not properly checked

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...

firefox: thunderbird: Certificate length was not properly checked

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...

firefox: thunderbird: Certificate length was not properly checked

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...

firefox: thunderbird: Certificate length was not properly checked

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...

AlmaLinux 8 : firefox (ALSA-2025:1283)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:1283 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbir...

firefox: thunderbird: Certificate length was not properly checked

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

firefox: thunderbird: Certificate length was not properly checked

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...