Lucene search
K

16 matches found

NVD
NVD
added 2026/05/15 5:16 p.m.39 views

CVE-2026-44310

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs0 after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...

5.4CVSS0.00111EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-1969

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00376EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/02/14 12:0 a.m.10 views

RockyLinux 8 : firefox (RLSA-2025:1283)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1283 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox:...

9.8CVSS7.4AI score0.01196EPSS
Exploits0References17
OSV
OSV
added 2025/02/13 8:34 p.m.25 views

RLSA-2025:1283 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-fr...

8.8CVSS9.1AI score0.01196EPSS
Exploits0References9
OSV
OSV
added 2025/02/11 12:0 a.m.13 views

ALSA-2025:1292 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 CVE-2025-1017 firefox: thunderbird: Use-after-free in Custom Highlight CVE-2025-1010 firefox:...

9.8CVSS8.8AI score0.01331EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2025/02/10 1:54 p.m.2 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.7 MFSA 2025-10, bsc1236539. Security fixes: CVE-2025-1009: use-after-free in XSLT. CVE-2025-1010: use-after-free in Custom Highlight. CVE-2025-1011: a bug in WebAssembly code generation could result i...

8.8CVSS7.6AI score0.01331EPSS
Exploits0References26
Mageia
Mageia
added 2025/02/09 12:19 a.m.25 views

Updated rootcerts, nss & firefox packages fix security vulnerabilities

Use-after-free in XSLT. CVE-2025-1009 Use-after-free in Custom Highlight. CVE-2025-1010 A bug in WebAssembly code generation could result in a crash. CVE-2025-1011 Use-after-free during concurrent delazification. CVE-2025-1012 Potential double-free vulnerability in PKCS7 decryption handling...

9.8CVSS8AI score0.01196EPSS
Exploits0References4
OSV
OSV
added 2025/02/08 12:37 p.m.5 views

OESA-2025-1102 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox 135, Firefox ESR...

9.8CVSS7.9AI score0.01196EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/02/07 12:0 a.m.18 views

RHEL 7 : firefox (RHSA-2025:1132)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:1132 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS7.5AI score0.01196EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2025/02/06 11:41 a.m.13 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS7AI score0.01196EPSS
Exploits0References9
OSV
OSV
added 2025/02/05 3:38 p.m.8 views

SUSE-SU-2025:0374-1 Security update for MozillaFirefox

This update for MozillaFirefox to 128.7esr fixes the following issues: MFSA 2025-09 CVE-2025-1009 bmo1936613 Use-after-free in XSLT CVE-2025-1010 bmo1936982 Use-after-free in Custom Highlight CVE-2025-1011 bmo1936454 A bug in WebAssembly code generation could result in a crash CVE-2025-1012...

9.8CVSS10AI score0.01196EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2025/02/05 11:36 a.m.19 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS7AI score0.01196EPSS
Exploits0References9
OSV
OSV
added 2025/02/04 2:15 p.m.10 views

CVE-2025-1014

Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

8.8CVSS6AI score
Exploits0References6
Cvelist
Cvelist
added 2025/02/04 1:58 p.m.16 views

CVE-2025-1014 Certificate length was not properly checked

Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

0.00376EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2025/02/04 12:0 a.m.12 views

mozilla -- multiple vulnerabilities

[email protected] reports: A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have...

9.8CVSS8.2AI score0.00628EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/02/04 12:0 a.m.6 views

PT-2025-4127 · Mozilla +10 · Thunderbird +12

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 135 Firefox ESR versions prior to 128.7 Thunderbird versions prior to 128.7 Thunderbird versions prior to 135 Description: The certificate length was not properly checked when added to a certificate store. In practic...

10CVSS6.7AI score0.1307EPSS
Exploits9References426
Rows per page
Query Builder