Lucene search
K

16 matches found

NVD
NVD
added 2026/05/15 5:16 p.m.39 views

CVE-2026-44310

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs0 after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...

5.4CVSS0.00111EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-1969

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00376EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/02/14 12:0 a.m.10 views

RockyLinux 8 : firefox (RLSA-2025:1283)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1283 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox:...

9.8CVSS7.4AI score0.01196EPSS
Exploits0References17
OSV
OSV
added 2025/02/13 8:34 p.m.25 views

RLSA-2025:1283 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-fr...

8.8CVSS9.1AI score0.01196EPSS
Exploits0References9
OSV
OSV
added 2025/02/11 12:0 a.m.13 views

ALSA-2025:1292 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-free in Custom Highlight CVE-2025-1010 firefox:...

9.8CVSS8.8AI score0.01331EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2025/02/10 1:54 p.m.2 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.7 MFSA 2025-10, bsc1236539. Security fixes: CVE-2025-1009: use-after-free in XSLT. CVE-2025-1010: use-after-free in Custom Highlight. CVE-2025-1011: a bug in WebAssembly code generation could result i...

8.8CVSS7.6AI score0.01331EPSS
Exploits0References26
Mageia
Mageia
added 2025/02/09 12:19 a.m.25 views

Updated rootcerts, nss & firefox packages fix security vulnerabilities

Use-after-free in XSLT. CVE-2025-1009 Use-after-free in Custom Highlight. CVE-2025-1010 A bug in WebAssembly code generation could result in a crash. CVE-2025-1011 Use-after-free during concurrent delazification. CVE-2025-1012 Potential double-free vulnerability in PKCS7 decryption handling...

9.8CVSS8AI score0.01196EPSS
Exploits0References4
OSV
OSV
added 2025/02/08 12:37 p.m.5 views

OESA-2025-1102 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox 135, Firefox ESR...

9.8CVSS7.9AI score0.01196EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/02/07 12:0 a.m.18 views

RHEL 7 : firefox (RHSA-2025:1132)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:1132 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS7.5AI score0.01196EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2025/02/06 11:41 a.m.13 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS7AI score0.01196EPSS
Exploits0References9
OSV
OSV
added 2025/02/05 3:38 p.m.8 views

SUSE-SU-2025:0374-1 Security update for MozillaFirefox

This update for MozillaFirefox to 128.7esr fixes the following issues: MFSA 2025-09 CVE-2025-1009 bmo1936613 Use-after-free in XSLT CVE-2025-1010 bmo1936982 Use-after-free in Custom Highlight CVE-2025-1011 bmo1936454 A bug in WebAssembly code generation could result in a crash CVE-2025-1012...

9.8CVSS10AI score0.01196EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2025/02/05 11:36 a.m.19 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS7AI score0.01196EPSS
Exploits0References9
OSV
OSV
added 2025/02/04 2:15 p.m.10 views

CVE-2025-1014

Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

8.8CVSS6AI score
Exploits0References6
Cvelist
Cvelist
added 2025/02/04 1:58 p.m.16 views

CVE-2025-1014 Certificate length was not properly checked

Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

0.00376EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/02/04 12:0 a.m.7 views

PT-2025-4127 · Mozilla +10 · Thunderbird +12

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 135 Firefox ESR versions prior to 128.7 Thunderbird versions prior to 128.7 Thunderbird versions prior to 135 Description: The certificate length was not properly checked when added to a certificate store. In practic...

10CVSS6.7AI score0.1307EPSS
Exploits9References426
FreeBSD
FreeBSD
added 2025/02/04 12:0 a.m.12 views

mozilla -- multiple vulnerabilities

[email protected] reports: A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have...

9.8CVSS8.2AI score0.00628EPSS
Exploits0References4
Rows per page
Query Builder