ROS-20260625-73-0019

The vulnerability of the DOM component in Firefox web browsers, Firefox ESR, and the Thunderbird email client is related to the use of memory after it is released. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protecte...

ROS-20260622-73-0017

The vulnerability of the DOM component in Firefox web browsers, Firefox ESR, and the Thunderbird email client is related to the use of memory after it is released. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protecte...

Astra Linux – Vulnerabilities in Firefox, Thunderbird, NSS

After accepting an untrusted certificate, handling an empty PKCS7 sequence as part of the certificate data could have led to a crash. This crash is believed to be exploitable. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

Astra Linux – Vulnerability in Firefox and Thunderbird

In specific HSTS configurations, an attacker could bypass HSTS on a subdomain. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVE-2026-12302

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2026-12330 Incorrect boundary conditions in the Internationalization component

Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird 140.12...

CVE-2026-12068 Avira Password Manager credential disclosure via cross-origin autofill in Firefox

Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection. This issue affects Avira Password Manager when...

ROS-20260610-73-0014

The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...

ROS-20260609-73-0020

The vulnerability of the Canvas2D component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient testing for unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

RHEL 7 : firefox (RHSA-2026:22708)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:22708 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

ROS-20260605-73-0103

Vulnerability of WebRTC component: The networking functions of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are vulnerable due to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to compromise the confidentiality,...

ROS-20260605-73-0085

The vulnerability of Firefox browsers, Firefox ESR, and Thunderbird email clients, Thunderbird ESR, is related to writing beyond the buffer limit. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260605-73-0086

Vulnerability of the Graphics component: The text-based browsers Mozilla Firefox, Firefox ESR, and the email client Thunderbird are vulnerable to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

RLSA-2026:19160 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

Updated nspr, nss and firefox(-l10n) packages fix security issues

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

Linux Distros Unpatched Vulnerability : CVE-2022-45410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect...

AlmaLinux 9 : firefox (ALSA-2026:20574)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20574 advisory. firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox...

OESA-2026-2392 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

[SECURITY] Fedora 44 Update: firefox-151.0-2.fc44

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability...