MiracleLinux 4 : firefox-38.4.0-1.0.1.AXS4 (AXSA:2015-538:10)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-538:10 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this release:...

MiracleLinux 3 : firefox-3.6.26-1.0.1.AXS3, xulrunner-1.9.2.26-1.0.1.AXS3 (AXSA:2012-152:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-152:01 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 3 : firefox-3.0.19-1.0.1.AXS3, xulrunner-1.9.0.19-1.0.1.AXS3 (AXSA:2010-172:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-172:01 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 3 : firefox-3.6.11-2.0.1.AXS3; nss-3.12.8-1.AXS3; xulrunner-1.9.2.11-2.0.1.AXS3 (AXSA:2010-476:07)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-476:07 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Network Security Services NSS is a set...

MiracleLinux 3 : firefox-10.0.11-1.0.1.AXS3, xulrunner-10.0.11-1.0.1.AXS3 (AXSA:2012-979:05)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-979:05 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. XULRunner is a Mozilla runtime package...

CVE-2026-0888

Information disclosure in the XML component. This vulnerability was fixed in Firefox 147 and Thunderbird 147...

Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox prior to version 147, which stems from an information leak in an XML component...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2025:4424-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4424-1 advisory. Update to Firefox Extended Support Release 140.6.0 ESR bsc1254551. - MFSA 2025-94 CVE-2025-14321...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.6.0 ESR bsc1254551. MFSA 2025-94 CVE-2025-14321: use-after-free in the WebRTC: Signaling component. CVE-2025-14322: sandbox escape due to incorrect boundary conditions in the Graphics:...

ROS-20251217-7309

A vulnerability in the Audio/Video component of Mozilla Firefox and Firefox ESR browsers is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Oracle Linux 7 : firefox (ELSA-2025-22371)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-22371 advisory. 140.5.0-1.0.1 - Update to 140.5.0 ESR Orabug: 38708474CVE-2025-13012CVE-2025-13013 CVE-2025-13014CVE-2025-13015CVE-2025-13016CVE-2025-13017...

Fedora 43 : firefox (2025-f20b9f321d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f20b9f321d advisory. - Fixed aarch64 crashes ---- - Updated to latest upstream 146.0 Tenable has extracted the preceding description block directly from the Fedora...

RLSA-2025:23035 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...

Amazon Linux 2023 : firefox (ALAS2023-2025-1305)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1305 advisory. A heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palettelookup array boun...

Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation, U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 146 and Firefox...

CVE-2025-62593 Ray is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding Attack

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense us...

CVE-2025-62593 Ray is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding Attack

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense us...