73262 matches found
EUVD-2026-36632
Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection. This issue affects Avira Password Manager when...
CVE-2026-12068
Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection. This issue affects Avira Password Manager when...
CVE-2026-12068 Avira Password Manager credential disclosure via cross-origin autofill in Firefox
Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection. This issue affects Avira Password Manager when...
CVE-2026-12068
CVE-2026-12068 describes an information disclosure in Avira Password Manager when used with Mozilla Firefox across Windows, macOS, and Linux. A remote attacker in a cross-origin iframe can cause incorrect autofill field selection to reveal credentials autofilled on the parent page. Affected compo...
MiracleLinux 8 : thunderbird-140.11.0-1.el8_10.ML.1 (AXSA:2026-781:13)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-781:13 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...
PT-2026-49049
Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection. This issue affects Avira Password Manager when...
CVE-2026-45173
The CVE concerns Idira Identity Browser Extension for Chrome, Firefox, and Edge, with versions prior to 26.8.1. A flaw in origin validation within internal web-page verification routines could allow a remote attacker to trigger unauthorized application interaction or execution parameters within a...
GHSA-HMRH-MQV8-RVVR vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-10702 vulnerabilities
Vulnerabilities for packages: firefox...
GHSA-3VRV-754Q-MQ3J vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-10701 vulnerabilities
Vulnerabilities for packages: firefox...
GHSA-HMRH-MQV8-RVVR vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-10701 vulnerabilities
Vulnerabilities for packages: firefox...
GHSA-3VRV-754Q-MQ3J vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-10702 vulnerabilities
Vulnerabilities for packages: firefox...
firefox security update
140.9.0-1.0.1 - Update to 140.9.0 ESR Orabug: 39361657CVE-2026-4684CVE-2026-4685 CVE-2026-4686CVE-2026-4687CVE-2026-4688CVE-2026-4689CVE-2026-4690 CVE-2026-4691CVE-2026-4692CVE-2026-4693CVE-2026-4694CVE-2026-4695 CVE-2026-4696CVE-2026-4697CVE-2026-4698CVE-2026-4699CVE-2026-4700...
Oracle Linux 7 : firefox (ELSA-2026-13977)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-13977 advisory. - Update to 140.9.1 ESR Orabug: 39324689CVE-2026-5731CVE-2026-5732 CVE-2026-5734CVE-2026-33416CVE-2026-33636 - Update to 140.9.0 ESR Orabug:...
Oracle Linux 7 : firefox (ELSA-2026-3984)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3984 advisory. - Update to 140.8.0 ESR Orabug: 39361647CVE-2026-2447CVE-2026-2757 CVE-2026-2758CVE-2026-2759CVE-2026-2760CVE-2026-2761CVE-2026-2762...
Oracle Linux 7 : firefox (ELSA-2026-8427)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8427 advisory. - Update to 140.9.0 ESR Orabug: 39361657CVE-2026-4684CVE-2026-4685 CVE-2026-4686CVE-2026-4687CVE-2026-4688CVE-2026-4689CVE-2026-4690...
PT-2026-48663
Recently received CVE-2026-11892 for a vulnerability which led to the complete compromise of Mozilla's CI pipeline which could have allowed me to compromise Firefox builds. GHSA situated here - https://t.co/oVBm0DaCVk...