324 matches found
MGASA-2026-0243 Updated thunderbird thunderbird-l10n packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Privilege escalation in the Graphics: WebRender component. CVE-2026-12289 Memory safety bug fixed in Thunderbird ESR 140.12. CVE-2026-12290 Use-after-free in the Networking: HTTP component. CVE-2026-12291 Incorrect boundary conditions in the Web...
SUSE-SU-2026:2814-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Removed obsolete mozilla-nss-certs and recommends p11-kit-nss-trust bsc1269226 Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. - CVE-2026-12290: Memor...
ALPINE-CVE-2026-49147
App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...
DEBIAN-CVE-2026-49147
App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...
CVE-2026-49147
App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...
CVE-2026-49147
App::Ack for Perl, up to version 3.10.0, is affected by a vulnerability where terminal control bytes in filenames can be emitted un-sanitised in several output modes. The root cause is that while a _safe_filename helper was added in 3.10.0 to sanitise filenames for -f, -g, the colored match headi...
CVE-2026-49147 App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes
App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...
CVE-2026-49147
App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...
PT-2026-56586
Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 12.1.8 PAN-OS versions prior to 11.2.13 PAN-OS versions prior to 11.1.16 PAN-OS versions prior to 10.2.18-h8 Description A command injection issue exists in the management plane of the software, specifically within the...
Fedora 43 : cpp-httplib (2026-1d4bd0354a)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1d4bd0354a advisory. Update to 0.48.0 rhbz2481109 Security fixes - Complete the IP-host certificate identity fix from v0.47.0 for the Mbed TLS and wolfSSL backends. An...
CVE-2026-58012
A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...
UBUNTU-CVE-2026-58012
A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...
CVE-2026-58012 Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()
A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...
EUVD-2026-40314
A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...
CVE-2026-58012
CVE-2026-58012 affects GLib. A buffer over-read can occur in g_regex_replace when used with the G_REGEX_RAW flag and case-change replacement escapes because string_append processes matched substrings with UTF-8 functions that expect valid UTF-8 input, even when treated as raw bytes. Impact: minor...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
RLSA-2026:29940 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component CVE-2026-12313 firefox:...
ALSA-2026:29940 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component CVE-2026-12313 firefox:...
SUSE-SU-2026:2582-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. - CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12. - CVE-2026-12291: Use-after-free in the...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process...