MGASA-2025-0329 Updated thunderbird packages fix security vulnerabilities
Use-after-free in the WebRTC: Signaling component. CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2025-14322 Privilege escalation in the DOM: Notifications component. CVE-2025-14323 JIT miscompilation in the JavaScript Engine: JIT...
CVE-2025-66004
A local path traversal vulnerability in usbmuxd allows unprivileged users to send crafted messages to its world-writable UNIX socket, causing the daemon to create or delete files as the usbmux user. Due to insufficient validation of the PairRecordID field, attackers can escape the intended...
SUSE-SU-2025:4396-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.6.0 ESR bsc1254551. - MFSA 2025-94 CVE-2025-14321: use-after-free in the WebRTC: Signaling component. CVE-2025-14322: sandbox escape due to incorrect boundary conditions in the Graphics:...
Google Chrome Reuse After Release Vulnerability
Google Chrome is a web browser developed by Google Inc. Google Chrome has a use-after-free vulnerability in the password manager. An attacker can exploit this vulnerability to perform a sandbox escape...
SUSE SLES15 Security Update : kubernetes1.23 (SUSE-SU-2025:02423-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02423-2 advisory. - CVE-2021-25743: Escape terminal special characters in kubectl output bsc1194400. - CVE-2023-2431: Prevent pods to bypass the...
openSUSE 15 Security Update : python-maturin (SUSE-SU-2025:03082-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03082-1 advisory. - CVE-2025-58160: terminal escape injection via ANSI sequences from untrusted input bsc1249011. Tenable has extracted the preceding description block direct...
Exploit for Improper Neutralization of Line Delimiters in Cacti
Exploit for CVE-2025-9074
CVE-2025-9074 DAEMONKILLER The Ultimate DAEMONKILLER. C...
CVE-2025-43497
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox...
CVE-2025-67508
gardenctl is a command-line client for the Gardener which configures access to clusters and cloud provider CLI tools. When using non‑POSIX shells such as Fish and PowerShell, versions 2.11.0 and below of gardenctl allow an attacker with administrative privileges for a Gardener project to craft...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: aide (UTSA-2025-991233)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991233 advisory. AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft...
CVE-2025-66419
MaxKB is an open-source AI assistant for enterprise. In versions 2.3.1 and below, the tool module allows an attacker to escape the sandbox environment and escalate privileges under certain concurrent conditions. This issue is fixed in version 2.4.0...
CVE-2025-43393
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox...
CVE-2025-43497
The CVE-2025-43497 entry describes an access issue in macOS Tahoe 26.1 where an application may be able to break out of its sandbox due to insufficient sandbox restrictions. The issue is fixed in macOS Tahoe 26.1. The vulnerability is described with a LOCAL attack vector, LOW privileges, and no u...
CVE-2025-43393
CVE-2025-43393 affects macOS Tahoe prior to 26.1 where an app may break out of its sandbox (local, low-privilege risk). The issue is addressed in macOS Tahoe 26.1 with extra sandbox restrictions. References from NVD/Red Hat/CVE listings corroborate a sandbox/permissions regression fixed by Apple ...
CVE-2025-14372
Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...