Lucene search
K

19 matches found

Oracle linux
Oracle linux
added 2025/01/16 12:0 a.m.54 views

firefox security update

128.6.0-1.0.1 - Update to 128.6.0 build1 Orabug: 37460830CVE-2025-0237CVE-2025-0238 CVE-2025-0239CVE-2025-0240CVE-2025-0241CVE-2025-0242CVE-2025-0243 - Enable PipeWire camera support for RHEL 10 + backport upstream fixes for PipeWire camera support Fixes: RHEL-64749...

7.7CVSS7.4AI score0.1307EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2025/01/16 12:0 a.m.5 views

MozillaThunderbird-128.6.0-1.1 on GA media (moderate)

MozillaThunderbird-128.6.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14648-1 Rating: moderate Cross-References: CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243 CVSS scores: CVE-2025-0237 SUSE : 5.4...

6.5CVSS6.7AI score0.1307EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/01/14 12:0 a.m.10 views

Mageia: Security Advisory (MGASA-2025-0009)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS6.8AI score0.1307EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/01/13 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2025:0059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS6.9AI score0.1307EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2025/01/13 12:0 a.m.4 views

MozillaFirefox-134.0-1.1 on GA media (moderate)

MozillaFirefox-134.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14630-1 Rating: moderate Cross-References: CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243 CVE-2025-0244 CVE-2025-0245 CVE-2025-0246 CVE-2025-0247 CVSS scores: CVE-2025-0237 SU...

8.8CVSS8.1AI score0.1307EPSS
Exploits0
OSV
OSV
added 2025/01/10 7:36 a.m.11 views

SUSE-SU-2025:0059-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 128.6.0 ESR Fixed: Various security fixes. MFSA 2025-02 bsc1234991 CVE-2025-0237 bmo1915257 WebChannel APIs susceptible to confused deputy attack CVE-2025-0238 bmo1915535 Use-after-free when breaking lin...

7.7CVSS7.2AI score0.1307EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/01/10 12:0 a.m.26 views

AlmaLinux 9 : firefox (ALSA-2025:0080)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:0080 advisory. firefox: Use-after-free when breaking lines in text CVE-2025-0238 firefox: Memory corruption when using JavaScript Text Segmentation CVE-2025-0241 firefox...

7.7CVSS6.9AI score0.1307EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/01/09 12:0 a.m.22 views

RHEL 9 : firefox (RHSA-2025:0162)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:0162 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

7.7CVSS7AI score0.1307EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/01/09 12:0 a.m.14 views

Fedora 40 : firefox (2025-e8a71b6caf)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e8a71b6caf advisory. - Updated to latest upstream 134.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

9.8CVSS6.6AI score0.1307EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/01/09 12:0 a.m.21 views

RHEL 8 : firefox (RHSA-2025:0134)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:0134 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

7.7CVSS7AI score0.1307EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2025/01/08 12:0 a.m.14 views

Mozilla Firefox ESR Security Update (mfsa_2025-02) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

7.7CVSS6.5AI score0.1307EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/01/08 12:0 a.m.16 views

Mozilla Firefox ESR Security Update (mfsa_2025-02) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

7.7CVSS6.5AI score0.1307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/01/07 10:19 p.m.14 views

CVE-2025-0237

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

6.8CVSS6.5AI score0.00604EPSS
Exploits0References6
Chainguard
Chainguard
added 2025/01/07 4:15 p.m.17 views

CVE-2025-0237 vulnerabilities

Vulnerabilities for packages: firefox, firefox-esr...

5.4CVSS6.7AI score0.00604EPSS
Exploits0
Wolfi
Wolfi
added 2025/01/07 4:15 p.m.23 views

CVE-2025-0237 vulnerabilities

Vulnerabilities for packages: firefox...

5.4CVSS7.1AI score0.00604EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/01/07 4:15 p.m.10 views

CVE-2025-0237

The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird...

5.4CVSS6.8AI score0.00604EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/01/07 4:7 p.m.9 views

CVE-2025-0237 WebChannel APIs susceptible to confused deputy attack

The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird...

6.8AI score0.00604EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/07 4:7 p.m.25 views

CVE-2025-0237 WebChannel APIs susceptible to confused deputy attack

The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird...

0.00604EPSS
Exploits0References5
CVE
CVE
added 2025/01/07 4:7 p.m.575 views

CVE-2025-0237

CVE-2025-0237 concerns the WebChannel API: the sending principal was accepted without validation, enabling potential privilege escalation. Affected products include Firefox (all releases before 134; including ESR

5.4CVSS6.8AI score0.00604EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder