17049 matches found
RockyLinux 10 : firefox (RLSA-2025:23035)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23035 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free i...
EulerOS 2.0 SP11 : busybox (EulerOS-SA-2025-2475)
According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence,...
RHEL 8 : firefox (RHSA-2025:23128)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:23128 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RockyLinux 9 : firefox (RLSA-2025:23034)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23034 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...
EulerOS 2.0 SP13 : python-ldap (EulerOS-SA-2025-2530)
According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...
EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2469)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
ALSA-2025:23128 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...
Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2025-2516)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 6078-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6078-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 10, 2025 https://www.debian.org/security/faq -...
CVE-2025-67640
Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands...
CVE-2025-67640
Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands...
CVE-2025-67640
Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands...
CVE-2025-67640
Jenkins Git client Plugin vulnerability CVE-2025-67640 affects versions 6.4.0 and earlier. The issue arises from improper escaping of the workspace directory path in a temporary shell script generated by the plugin, enabling an attacker who controls the workspace name to inject and execute arbitr...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2025-67487
Static Web Server SWS is a production-ready web server suitable for static web files or assets. Versions 2.40.0 and below contain symbolic links symlinks which can be used to access files or directories outside the intended web root folder. SWS generally does not prevent symlinks from escaping th...
curl: Terminal Output Not Great
Summary: No AI here, I just came across this: python import random import string from http.server import BaseHTTPRequestHandler, HTTPServer class MaliciousHandlerBaseHTTPRequestHandler: def doGETself: self.sendresponse200 self.sendheader'Content-Type', 'text/plain' randid =...
Mozilla Thunderbird < 140.6
The version of Thunderbird installed on the remote Windows host is prior to 140.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-96 advisory. - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox 146, Firefox ESR 140.6,...