Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.179 contained a security vulnerability caused by GFX type confusion, which could allow remote attackers to achieve sandbox escape through specially crafted video files...

ALSA-2026:19370 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect...

Mozilla Firefox和Mozilla Firefox Focus for Android 安全漏洞

Mozilla Firefox and Mozilla Firefox Focus for Android are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox Focus for Android is a privacy-oriented browser designed specifically for Android devices. There were security vulnerabilities in...

PT-2026-41960

Summary Alice runs zrok2 copy from a WebDAV or zrok drive controlled by Bob into a local filesystem target. Bob returns a DAV href such as /../outside.txt. The sync pipeline stores that path in the source inventory and passes it to FilesystemTarget.WriteStream, which joins it with the target root...

PT-2026-41992

Name of the Vulnerable Software and Affected Versions Kitty versions prior to 0.47.0 Description An issue exists in the handle compose command function within kitty/graphics.c where bounds validation on composition offsets uses unsigned 32-bit arithmetic. This process is subject to integer...

Mozilla Firefox ESR < 140.11

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-48 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefo...

RHEL 9 : mingw-glib2 (RHSA-2026:18705)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18705 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, th...

Mozilla Firefox ESR < 115.36

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.36. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-47 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefo...

Mozilla Firefox ESR < 115.36

The version of Firefox ESR installed on the remote Windows host is prior to 115.36. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-47 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR...

Mozilla多款产品 输入验证错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

ALSA-2026:19153 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component...

ALSA-2026:19157 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect...

Linux Distros Unpatched Vulnerability : CVE-2026-8953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.1...

RHEL 10 : grafana (RHSA-2026:19134)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19134 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana:...

Mozilla Firefox ESR < 140.11

The version of Firefox ESR installed on the remote Windows host is prior to 140.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-48 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR...

RHEL 10 : thunderbird (RHSA-2026:19153)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19153 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox E...

RHEL 10 : mingw-glib2 (RHSA-2026:18344)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18344 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, t...

ALSA-2026:18344 Moderate: mingw-glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: Integer overflow in in...

Linux Distros Unpatched Vulnerability : CVE-2026-8958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbi...

CVE-2026-47090

Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd and branchUrl values without stripping control characters or encoding embedded values, allowing attackers to inject arbitrary ANSI codes into terminal sessions. Attackers can...