6513 matches found
firefox: thunderbird: Memory safety bug fixed in Firefox ESR 140.12
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Firefox ESR 140.12...
SUSE SLED15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2026:2582-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2582-1 advisory. Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphic...
SUSE-SU-2026:2582-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. - CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12. - CVE-2026-12291: Use-after-free in the...
ROS-20260622-73-0015
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Debian dla-4635 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4635 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4635-1 [email protected]...
Astra Linux – Vulnerability in Firefox and Thunderbird
A out-of-bounds read could have led to a exploitable crash during HTML parsing using the DOMParser in low-memory situations. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...
Astra Linux – Vulnerability in Thunderbird, Firefox
Memory safety bugs exist in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has be...
Astra Linux – Vulnerability in Thunderbird, Firefox
It was possible to cause a use-after-free in the content processing side of a WebTransport connection, resulting in a potentially exploitable crash. This vulnerability has been fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux – Vulnerability in Firefox
Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Firefox
Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Firefox
Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Firefox and Thunderbird
The WebGL DrawElementsInstanced method was vulnerable to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux – Vulnerability in Firefox and Thunderbird
JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
Astra Linux – Vulnerability in Firefox and Thunderbird
DoS attack due to out-of-memory in the Graphics:WebRender component. This vulnerability was fixed in Firefox 142, Firefox ESR 140.2, Thunderbird 142, and Thunderbird 140.2...
Astra Linux – Vulnerability in Firefox and Thunderbird
On arm64, WASM code might result in incorrect assembly generation, leading to a register allocation issue and potentially a exploitable crash. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
Astra Linux – Vulnerability in Firefox and Thunderbird
Documents loaded with the CSP sandbox directive could have escaped the sandbox’s script restrictions by embedding additional content. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
Astra Linux – Vulnerability in Firefox and Thunderbird
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized, resulting in a bypass that allowed device permissions to be leaked into untrusted sub-documents. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
Astra Linux – Vulnerability in Firefox and Thunderbird
When a ServiceWorker intercepted a request using FetchEvent, the origin of the request was lost after the ServiceWorker took control of it. This caused the SameSite cookie protections to be negated. This issue was addressed in the specifications, and later in browsers. This vulnerability affects...