29779 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check the running state of GuC before deregistering an exec queue. During normal operation, a registered exec queue is disabled and deregistered through GuC. It is only freed after GuC confirms completion. However, if...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: Fixed error handling for num-channels/ees When there is no clock specified in the device tree, there is no way to ensure that the BAM is enabled. This often occurs for remotely controlled or remotely...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: idxd: Fixed a double-free in idxdsetupwqs The cleanup in idxdsetupwqs contained a few bugs, as the error handling was somewhat subtle. It’s simpler to rewrite the code in a more clean way. The issues are as follows:...
CVE-2026-0884 Use-after-free in the JavaScript Engine component
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
CVE-2026-0884
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
CVE-2026-0884
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
CVE-2026-0884 Use-after-free in the JavaScript Engine component
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
CVE-2026-0884
CVE-2026-0884 is a use-after-free in the JavaScript Engine component. Affected products include Firefox (versions before 147 and ESR before 140.7) and Thunderbird (versions before 147 and ESR before 140.7). The issue is confirmed in multiple security advisories and Debian/Distro records. Remediat...
CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping
The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...
CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping
The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...
Mozilla -- multiple vulnerabilities
Memory safety bugs present in firefox-esr 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. Clickjacking issue and information disclosure in the PDF Viewer component. Use-after-free in the JavaScript: GC component...
Mozilla Firefox和Mozilla Firefox ESR 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation, USA.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation, USA. A code execution vulnerability exists in Mozilla Firefox and Mozilla Firefox ESR due to a use-after-release in...
PT-2026-2646
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Firefox ESR versions prior to 140.7 Description A use-after-free issue exists in the JavaScript Engine component. This can potentially allow for unexpected behavior or code execution. Recommendations Update Firefo...
KLA90833 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...
KLA90835 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Denial of...
Linux Distros Unpatched Vulnerability : CVE-2026-0884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
Google Chrome < 144.0.7559.59 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 144.0.7559.59. It is, therefore, affected by multiple vulnerabilities as referenced in the 202601stable-channel-update-for-desktop13 advisory. - Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a...
MiracleLinux 8 : firefox-140.6.0-1.el8_10.ML.1 (AXSA:2025-11551:37)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11551:37 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-fr...
MiracleLinux 9 : pki-servlet-engine-9.0.50-1.el9_2.2 (AXSA:2025-10718:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10718:01 advisory. tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : firefox-128.14.0-2.el9_6.ML.1 (AXSA:2025-10784:29)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10784:29 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escap...