38 matches found
EUVD-2021-24962
Malware in sbrugna...
EUVD-2024-32431
Malicious code in bioql PyPI...
EUVD-2023-58013
Malicious code in bioql PyPI...
EUVD-2022-49655
Malicious code in bioql PyPI...
Mozilla Thunderbird < 140.0
The version of Thunderbird installed on the remote Windows host is prior to 140.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-54 advisory. - Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory...
Mozilla Thunderbird < 140.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-54 advisory. - Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of...
CVE-2025-6426
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The executable file warning did not warn users before opening files with the terminal extension. This bug only affects Firefox and Thunderbird for macOS. Other versions of...
CVE-2025-6426
The executable file warning did not warn users before opening files with the terminal extension. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12...
Mozilla Firefox ESR < 128.12
The version of Firefox ESR installed on the remote Windows host is prior to 128.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-53 advisory. - The executable file warning did not warn users before opening files with the terminal extension. This bug only...
CVE-2024-11693
The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...
Mozilla Firefox ESR < 128.5
The version of Firefox ESR installed on the remote Windows host is prior to 128.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-64 advisory. - Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed...
Security Vulnerabilities fixed in Thunderbird 128.5 — Mozilla
Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. An attacker could cause a select...
Mozilla Thunderbird < 133.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-67 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Unde...
Mozilla Thunderbird < 128.5
The version of Thunderbird installed on the remote Windows host is prior to 128.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-68 advisory. - Memory safety bugs present in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of thes...
CVE-2024-3863
The executable file warning was not presented when downloading .xrm-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
CVE-2024-3863
The executable file warning was not presented when downloading .xrm-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Security Vulnerabilities fixed in Firefox 125 — Mozilla
GetBoundName could return the wrong version of an object when JIT optimizations were applied. Memory corruption in the networking stack could have led to a potentially exploitable crash. A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage...
SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:4213-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4213-1 advisory. - It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an...
Fedora 38 : firefox (2023-7cdf31bb36)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7cdf31bb36 advisory. - Update to latest upstream 119.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
Command injection
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...