3799 matches found
PT-2025-26731
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 140 Description: The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an...
firefox -- multiple vulnerabilities
[email protected] reports: An attacker was able to bypass the connect-src directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. When Multi-Account Containers was enabled, DNS requests could have bypass...
CVE-2025-49144
CVE-2025-49144 affects Notepad++ installers prior to 8.8.2 (notably v8.8.1). Root cause: insecure executable search paths allow a local attacker to execute a malicious binary (e.g., regsvr32.exe) placed in the same directory as the installer (commonly Downloads), yielding SYSTEM-level privileges ...
SAP Commerce Information Disclosure Vulnerability
SAP Commerce is a cloud-based e-commerce solution developed by SAP. An information disclosure vulnerability exists in SAP Commerce, which stems from the use of the deprecated X-FRAME-OPTIONS header to prevent clickjacking, and can be exploited by an attacker to disclose and tamper with sensitive...
firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A clickjacking vulnerability could be used to trick a user into leaking saved payment card details to a malicious page...
RHEL 8 : firefox (RHSA-2025:9155)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:9155 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx:...
Astra Linux – Vulnerability in Firefox
The exception page for the HTTPS-Only feature, which appears when a website is accessed via HTTP, lacked an anti-clickjacking mechanism. This allowed attackers to trick users into granting an exception and loading a webpage via HTTP. This vulnerability has been fixed in Firefox 140 and Thunderbir...
Astra Linux – Vulnerability in Firefox, Thunderbird
A clickjacking vulnerability could have been exploited to trick users into revealing their saved payment card details to a malicious page. This vulnerability has been fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A clickjacking vulnerability could be used to trick a user into leaking saved payment card details to a malicious page...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A clickjacking vulnerability could be used to trick a user into leaking saved payment card details to a malicious page...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A clickjacking vulnerability could be used to trick a user into leaking saved payment card details to a malicious page...
firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A clickjacking vulnerability could be used to trick a user into leaking saved payment card details to a malicious page...
firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A clickjacking vulnerability could be used to trick a user into leaking saved payment card details to a malicious page...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A clickjacking vulnerability could be used to trick a user into leaking saved payment card details to a malicious page...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A clickjacking vulnerability could be used to trick a user into leaking saved payment card details to a malicious page...
TencentOS Server 2: firefox (TSSA-2024:0123)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0123 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...