29772 matches found
OPENSUSE-SU-2026:20046-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: - Mozilla Thunderbird 140.6.0 ESR MFSA 2025-96 bsc1254551 CVE-2025-14321 bmo1992760 Use-after-free in the WebRTC: Signaling component CVE-2025-14322 bmo1996473 Sandbox escape due to incorrect boundary...
OESA-2026-1090 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...
OESA-2026-1088 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...
OESA-2026-1086 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...
firefox security update
An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...
CVE-2025-67079
File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...
MiracleLinux 4 : thunderbird-45.3.0-1.AXS4 (AXSA:2016-652:06)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-652:06 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security issues fixed with this release: CVE-2016-2836 Multiple unspecified vulnerabilities in...
Cisco IOS XE Software Unified Threat Defense Snort Intrusion Prevention System Engine Multiple Vulnerabilities (cisco-sa-snort3-dcerpc-vulns-J9HNF4tH)
According to its self-reported version, Cisco IOS-XE Software is affected by the following vulnerabilities: - A vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restar...
Cisco Firepower Threat Defense (FTD) Software Multiple Vulnerabilities (cisco-sa-snort3-dcerpc-vulns-J9HNF4tH)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by the following vulnerabilities: - A vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak...
Microsoft Edge (Chromium) < 144.0.3719.82 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 144.0.3719.82. It is, therefore, affected by multiple vulnerabilities as referenced in the January 16, 2026 advisory. - Use after free in ANGLE. CVE-2026-0908 - Microsoft Edge Elevation Service exposes a privileged COM...
RockyLinux 8 : firefox (RLSA-2026:0667)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0667 advisory. firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox:...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that originates from an improper implementation in V8, which can be exploited by an attacker to bypass security restrictions...
Google Chrome security vulnerabilities
Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from improper implementations in the V8 engine...
MiracleLinux 3 : firefox-24.5.0-1.0.2.AXS3 (AXSA:2014-356:03)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-356:03 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...
Google Chrome security vulnerabilities
Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability, which stems from out-of-bound memory access in the V8 engine...
MiracleLinux 7 : java-11-openjdk-11.0.1.13-3.el7 (AXSA:2019-3622:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3622:01 advisory. OpenJDK: Improper field access checks Hotspot, 8199226 CVE-2018-3169 OpenJDK: Unrestricted access to scripting engine Scripting, 8202936 CVE-2018-31...
CVE-2026-1010
A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...
CVE-2026-1010
A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...
CVE-2026-1010 Stored Cross-Site Scripting in Altium Enterprise Server Workflow Engine Allows Privilege Escalation
A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...
CVE-2026-1010
A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...