Lucene search
K

994 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If the Content Security Policy blocks frame navigation, the full destination of a redirect served within the frame is reported in the violation report; instead of just the original frame URI. This could be used to disclose sensitive information contained in such URIs. This vulnerability affects...

4.3CVSS6.4AI score0.01212EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

TypedArrays can be flawed, and they lack proper exception handling. This could lead to abuse in other APIs that expect TypedArrays to always succeed. This vulnerability affects Firefox versions less than 121...

8.8CVSS6.7AI score0.00681EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 118. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 119...

9.8CVSS7.4AI score0.00975EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Firefox was vulnerable to a heap buffer overflow in nsTextFragment due to insufficient OOM handling. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS7.5AI score0.01531EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox

The z-order of browser windows can be manipulated to hide the fullscreen notifications. This could potentially be used to carry out a spoofing attack. This vulnerability has been fixed in Firefox 135 and Thunderbird 135...

4.3CVSS5.3AI score0.00352EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox

Use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 146.0.1...

9.8CVSS5.4AI score0.00265EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox

When following a redirect to a publicly accessible web extension file, the URL may have been translated into the actual local path, potentially exposing sensitive information. This vulnerability affects Firefox versions earlier than 111...

6.5CVSS6.7AI score0.00508EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141, and Thunderbird 141. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have...

8.1CVSS7.2AI score0.0044EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox

Passing invalid data could result in invalid Wasm values being created, such as arbitrary integers being converted into pointer values. This vulnerability affects Firefox versions less than 124...

3.7CVSS6.8AI score0.00437EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

A malicious website might have included an iframe with a malformed URI, resulting in a non-exploitable browser crash. This vulnerability affects Firefox versions earlier than 126...

6.5CVSS6AI score0.00389EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox

When Firefox is configured to block the storage of all cookies, it is still possible to store data in localstorage by using an iframe with a source of ‘about:blank’. This could allow malicious websites to store tracking data without permission. This vulnerability affects Firefox versions earlier...

6.5CVSS6.7AI score0.00575EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution within the PDF.js context. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

8.8CVSS7.7AI score0.72648EPSS
Exploits15References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 108. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects versio...

8.8CVSS8.2AI score0.00521EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A website could have obscured the fullscreen notification by using a URL that was processed by an external program, such as a mailto URL. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbi...

6.5CVSS6.8AI score0.00739EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

There was a potential “use-after-free” vulnerability in SVG images if the Refresh Driver was destroyed at an inappropriate time. This could lead to memory corruption or a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after discovering that it had inadvertentl...

8.8CVSS8AI score0.0041EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

If an attacker needed a user to load an insecure http: page and knew that the user had enabled HTTPS-only mode, the attacker could trick the user into clicking to grant an HTTPS-only exception, provided they could get the user to participate in a clicking game. This vulnerability affects Firefox...

6.5CVSS6.6AI score0.0049EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

A use-after-free could occur if a JavaScript realm was being initialized when a garbage collection started. This vulnerability affects Firefox versions earlier than 125...

7.5CVSS7.2AI score0.00356EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 122. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects versions of Firefox prior to 123...

8.1CVSS7.6AI score0.00558EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

9.8CVSS7AI score0.00439EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox

The HTML Sanitizer should have sanitized the href attribute of SVG use tags; however, it incorrectly did not sanitize the xlink:href attributes. This vulnerability affects Firefox versions earlier than 102...

6.1CVSS6.8AI score0.00364EPSS
Exploits0References1
Rows per page
Query Builder