2223 matches found
RHEL 8 : thunderbird (RHSA-2025:8630)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8630 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Out-of-bounds access when resolving...
[SECURITY] [DSA 5939-1] gimp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5939-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 06, 2025 https://www.debian.org/security/faq -...
CVE-2025-25021
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a privileged execute code in case management script creation due to the improper generation of code...
Debian dsa-5936 : libfile-find-rule-perl - security update
The remote Debian 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5936 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5936-1 [email protected] https://www.debian.org/security/...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: thunderbird: Out-of-bounds access when optimizing linear sums CVE-2025-4919 firefox: thunderbird: Clickjacking...
CVE-2025-47726
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2025-47727 Out-of-bounds Write in CNCSoft
Delta Electronics CNCSoft lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
SUSE: Security Advisory (SUSE-SU-2025:01702-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-23615 · Erupt · Erupt
Name of the Vulnerable Software and Affected Versions: erupt version 1.12.19 Description: The issue is related to an arbitrary file upload vulnerability in the /upload/GoodsCategory/image component, which allows attackers to execute arbitrary code by uploading a crafted file. Recommendations: For...
Debian dsa-5934 : roundcube - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5934 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5934-1 [email protected] https://www.debian.org/security/ Moritz...
USN-7537-2 net-tools regression
USN-7537-1 fixed a vulnerability in net-tools that caused a regression. This update fixes the problem. Original advisory details: It was discovered that net-tools incorrectly handled certain inputs. An attacker could possible use this issue to cause a crash or execute arbitrary code...
Mozilla Firefox Security Update (mfsa_2025-42) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2025-23247
CVE-2025-23247 affects the NVIDIA CUDA Toolkit cuobjdump binary. The root cause is a failure to check the length of a buffer when processing ELF inputs, which can cause the tool to crash or potentially execute arbitrary code with a crafted ELF file. A GitHub exploit PoC exists for this CVE, showi...
CVE-2025-48796
A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...
DEBIAN-CVE-2025-5269
Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox ESR 128.11 and Thunderbird 128.11...
CVE-2025-5268 Memory safety bugs fixed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11
Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...
Mozilla Thunderbird < 139.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 139.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-45 advisory. - Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10...
Advisory ROSA-SA-2025-2869
Software: libxslt 1.1.28 OS: rosa-server79 packageevrstring: libxslt-1.1.28-6.0.1.1.res7 CVE-ID: CVE-2024-55549 BDU-ID: 2025-03641 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the xsltGetInheritedNsList function of the libxslt library is related to memory usage after it has been freed...
CVE-2023-34873
On MOBOTIX P3 cameras before MX-V4.7.2.18 and Mx6 cameras before MX-V5.2.0.61, the tcpdump feature does not properly validate input, which allows authenticated users to execute code...
CVE-2024-45773
A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00...