Mozilla Firefox < 61.0

The version of Firefox installed on the remote Windows host is prior to 61.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-15 advisory. - Mozilla developers and community members Alex Gaynor, Christoph Diehl, Christian Holler, Jason Kratzer, David Major, Jo...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.12 MFSA 2025-55, bsc1244670: CVE-2025-6424: Use-after-free in FontFaceSet bmo1966423 CVE-2025-6425: The WebCompat WebExtension shipped exposed a persistent UUID bmo1717672 CVE-2025-6426: No warning wh...

Security Vulnerabilities fixed in Thunderbird 140 — Mozilla

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. Th...

CVE-2025-6426

The executable file warning did not warn users before opening files with the terminal extension. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected. This vulnerability affects Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12...

CVE-2025-6426

The CVE-2025-6426 issue affects Firefox for macOS where opening files with the terminal extension did not warn the user. Connected advisories confirm affected products and versions: Firefox before 140 and Firefox ESR before 128.12, Thunderbird before 140 and Thunderbird before 128.12. The root ca...

Security Vulnerabilities fixed in Firefox 140 — Mozilla

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. Th...

SUSE CVE-2024-11693

The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

CVE-2024-11693

The executable file warning was not presented when downloading .library-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

Mozilla Firefox < 133.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-63 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under...

Mozilla Firefox < 133.0

The version of Firefox installed on the remote Windows host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-63 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under specific...

Code execution vulnerability in multiple Mozilla products (CNVD-2024-46836)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 119, which originates from downloading .msix, .msixbundle, .appx, and .appxbundle files without an executable warning...

SUSE: Security Advisory (SUSE-SU-2022:4146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox command injection vulnerability

Mozilla Firefox is an open source Web browser from the Mozilla Foundation in the U.S. A security vulnerability exists in Mozilla Firefox, which stems from a failure to display an executable warning when downloading an inetloc file that can run commands on a user's computer. No details of the...