Lucene search
+L

324 matches found

osv
osv
added 4 days ago4 views

MGASA-2026-0243 Updated thunderbird thunderbird-l10n packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Privilege escalation in the Graphics: WebRender component. CVE-2026-12289 Memory safety bug fixed in Thunderbird ESR 140.12. CVE-2026-12290 Use-after-free in the Networking: HTTP component. CVE-2026-12291 Incorrect boundary conditions in the Web...

9.6CVSS6.1AI score0.00476EPSS
Exploits0References6
osv
osv
added 2026/07/09 12:26 p.m.1 views

SUSE-SU-2026:2814-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Removed obsolete mozilla-nss-certs and recommends p11-kit-nss-trust bsc1269226 Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. - CVE-2026-12290: Memor...

9.6CVSS6.1AI score0.00476EPSS
Exploits0References32
osv
osv
added 2026/07/08 3:16 p.m.3 views

ALPINE-CVE-2026-49147

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS6.1AI score0.00329EPSS
Exploits0References1
osv
osv
added 2026/07/08 3:16 p.m.2 views

DEBIAN-CVE-2026-49147

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS6.1AI score0.00329EPSS
Exploits0References1
nvd
nvd
added 2026/07/08 3:16 p.m.7 views

CVE-2026-49147

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS0.00329EPSS
Exploits0References2
cve
cve
added 2026/07/08 2:55 p.m.20 views

CVE-2026-49147

App::Ack for Perl, up to version 3.10.0, is affected by a vulnerability where terminal control bytes in filenames can be emitted un-sanitised in several output modes. The root cause is that while a _safe_filename helper was added in 3.10.0 to sanitise filenames for -f, -g, the colored match headi...

7.5CVSS5.9AI score0.00329EPSS
Exploits0References2
osv
osv
added 2026/07/08 2:55 p.m.3 views

CVE-2026-49147 App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS6.1AI score0.00329EPSS
Exploits0References6
alpinelinux
alpinelinux
added 2026/07/08 2:55 p.m.11 views

CVE-2026-49147

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS5.9AI score0.00329EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.8 views

PT-2026-56586

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 12.1.8 PAN-OS versions prior to 11.2.13 PAN-OS versions prior to 11.1.16 PAN-OS versions prior to 10.2.18-h8 Description A command injection issue exists in the management plane of the software, specifically within the...

8.5CVSS6.2AI score0.014EPSS
Exploits0References6
nessus
nessus
added 2026/07/03 12:0 a.m.6 views

Fedora 43 : cpp-httplib (2026-1d4bd0354a)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1d4bd0354a advisory. Update to 0.48.0 rhbz2481109 Security fixes - Complete the IP-host certificate identity fix from v0.47.0 for the Mbed TLS and wolfSSL backends. An...

9.9CVSS6.1AI score0.00327EPSS
Exploits5References7
nvd
nvd
added 2026/06/30 1:19 p.m.12 views

CVE-2026-58012

A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...

8.2CVSS0.00322EPSS
Exploits1References3
osv
osv
added 2026/06/30 1:19 p.m.3 views

UBUNTU-CVE-2026-58012

A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...

8.2CVSS5.9AI score0.00322EPSS
Exploits1References3
cvelist
cvelist
added 2026/06/30 12:57 p.m.51 views

CVE-2026-58012 Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()

A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...

6.5CVSS0.00322EPSS
Exploits1References3
euvd
euvd
added 2026/06/30 12:57 p.m.7 views

EUVD-2026-40314

A flaw was found in GLib. A buffer over-read can occur in the gregexreplace function when used with the GREGEXRAW compile flag and case-change replacement escapes because the stringappend function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the stri...

6.5CVSS5.9AI score0.00322EPSS
Exploits1References3
cve
cve
added 2026/06/30 12:57 p.m.21 views

CVE-2026-58012

CVE-2026-58012 affects GLib. A buffer over-read can occur in g_regex_replace when used with the G_REGEX_RAW flag and case-change replacement escapes because string_append processes matched substrings with UTF-8 functions that expect valid UTF-8 input, even when treated as raw bytes. Impact: minor...

8.2CVSS5.9AI score0.00322EPSS
Exploits1References3Affected Software2
redhat
redhat
added 2026/06/30 10:34 a.m.7 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.6CVSS5.8AI score0.00476EPSS
Exploits0References30
osv
osv
added 2026/06/26 12:3 p.m.6 views

RLSA-2026:29940 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component CVE-2026-12313 firefox:...

7.5CVSS5.8AI score0.00476EPSS
Exploits0References30
osv
osv
added 2026/06/25 12:0 a.m.4 views

ALSA-2026:29940 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component CVE-2026-12313 firefox:...

9.6CVSS5.8AI score0.00476EPSS
Exploits0References60
osv
osv
added 2026/06/23 1:27 p.m.4 views

SUSE-SU-2026:2582-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. - CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12. - CVE-2026-12291: Use-after-free in the...

9.6CVSS5.9AI score0.00476EPSS
Exploits0References31
almalinux
almalinux
added 2026/06/22 12:0 a.m.7 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers component CVE-2026-12294 firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process...

9.6CVSS5.8AI score0.00476EPSS
Exploits0References60
Rows per page
Query Builder