Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-15384)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...

firefox: thunderbird: Incorrect boundary conditions in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: ImageLib component...

Mozilla Firefox < 148.0.2

The version of Firefox installed on the remote Windows host is prior to 148.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-19 advisory. - Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presum...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

RHEL 9 : firefox (RHSA-2026:3493)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3493 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Heap...

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

Oracle Linux 9 : firefox (ELSA-2026-3339)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3339 advisory. 140.8.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...

Debian dsa-6148 : firefox-esr - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6148 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6148-1 [email protected]...

MozillaFirefox-148.0-1.1 on GA media (moderate)

MozillaFirefox-148.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10257-1 Rating: moderate Cross-References: CVE-2026-2757 CVE-2026-2758 CVE-2026-2759 CVE-2026-2760 CVE-2026-2761 CVE-2026-2762 CVE-2026-2763 CVE-2026-2764 CVE-2026-2765 CVE-2026-2766 CVE-2026-2767 CVE-2026-2768 CVE-2026-2769...

Fedora: Security Advisory (FEDORA-2026-0709b275a5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 6148-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6148-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 25, 2026 https://www.debian.org/security/faq -...

Linux Distros Unpatched Vulnerability : CVE-2026-2766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

ALSA-2026:3338 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs fixed in Firef...

CVE-2026-2805

Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox 148 and Thunderbird 148...

CVE-2026-2792

Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVE-2026-2775

Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2764 JIT miscompilation, use-after-free in the JavaScript Engine: JIT component

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2757

Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

firefox security update

140.7.0-1.0.1 - Update to 140.7.0 ESR Orabug: 38940976CVE-2025-14327CVE-2026-0877 CVE-2026-0878CVE-2026-0879CVE-2026-0880CVE-2026-0882CVE-2026-0883 CVE-2026-0884CVE-2026-0885CVE-2026-0886CVE-2026-0887CVE-2026-0890 CVE-2026-0891 140.6.0-1.0.1 - Update to 140.6.0 ESR Orabug:...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...