28 matches found
EUVD-2017-14502
Malware in sbrugna...
EUVD-2017-16731
Malware in sbrugna...
EUVD-2017-16796
Malware in sbrugna...
EUVD-2018-4337
Malware in sbrugna...
EUVD-2025-1965
Malicious code in bioql PyPI...
EUVD-2025-22362
Malicious code in bioql PyPI...
EUVD-2025-7438
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-8028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On arm64, a WASM brtable instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computati...
Linux Distros Unpatched Vulnerability : CVE-2025-8027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This...
Linux Distros Unpatched Vulnerability : CVE-2024-7525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on an...
CVE-2025-8036
Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...
CVE-2025-8033
The CVE-2025-8033 issue is a memory-safety bug in Mozilla’s JavaScript engine where closing generators could be resumed, causing a null pointer dereference. Affected products include Firefox and Thunderbird forks across multiple release lines (Firefox < 141, ESR tracks <115.26, <128.13, ...
CVE-2025-8039
The CVE-2025-8039 entry concerns a vulnerability where search terms persist in the URL bar after navigating away from a search page. Affected software and versions are Mozilla Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird
CVE-2025-8030
CVE-2025-8030 is publicly known and tied to an insufficent escaping in the “Copy as cURL” feature that could lead to code execution. The connected Astra Linux and Amazon/Linux advisories confirm the issue affects Firefox and Thunderbird across multiple tracks (e.g., Firefox < 141, Firefox ESR ...
CVE-2025-6424
A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12...
CVE-2025-6430
The CVE-2025-6430 entry affects Firefox and Thunderbird prior to version 140 (and ESR prior to 128.12), where the Content-Disposition header is ignored for files loaded via embed/object, creating a potential cross-site scripting risk. Connected advisories confirm this affects Firefox/Thunderbird ...
CVE-2025-6424
CVE-2025-6424: Use-after-free in FontFaceSet causing potentially exploitable crash in Firefox (affected: Firefox <140, ESR <115.25, ESR
CVE-2025-5262
A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...
CVE-2025-4921
Rejected reason: Duplicate of CVE-2025-4919...
CVE-2025-4918
An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. This vulnerability affects Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2...