Astra Linux - уязвимость в firefox, thunderbird

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131...

Astra Linux - уязвимость в firefox

A compromised content process could have performed session history manipulations that it should not have been able to due to a testing infrastructure that wasn’t restricted to only testing configurations. This vulnerability affects Firefox versions less than 88...

MiracleLinux 8 : thunderbird-102.11.0-1.el8.ML.1 (AXSA:2023-6153:18)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6153:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

EUVD-2019-7495

Malware in sbrugna...

EUVD-2018-16948

Malware in sbrugna...

EUVD-2019-7489

Malware in sbrugna...

EUVD-2019-3435

Malware in sbrugna...

EUVD-2022-49652

Malicious code in bioql PyPI...

EUVD-2025-25246

Malicious code in bioql PyPI...

EUVD-2023-57506

Malicious code in bioql PyPI...

EUVD-2024-16537

Malicious code in bioql PyPI...

EUVD-2023-57505

Malicious code in bioql PyPI...

CVE-2025-9179

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different...

Mozilla -- memory corruption in GMP

[email protected] reports: An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process...

Linux Distros Unpatched Vulnerability : CVE-2025-4085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. Thi...

Linux Distros Unpatched Vulnerability : CVE-2017-7794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read...

Linux Distros Unpatched Vulnerability : CVE-2022-46872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.This bug only...

CVE-2019-11765

A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted...

SUSE CVE-2025-4085

An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability was fixed in Firefox 138 and Thunderbird 138...

CVE-2025-4085

An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox 138 and Thunderbird 138...