ALSA-2026:18479 Important: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shi...

AlmaLinux 9 : firefox (ALSA-2026:7671)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7671 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of service v...

AlmaLinux 8 : thunderbird (ALSA-2026:3515)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3515 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...

EUVD-2020-4707

Malware in sbrugna...

EUVD-2021-24959

Malware in sbrugna...

EUVD-2017-14573

Malware in sbrugna...

RockyLinux 9 : firefox (RLSA-2025:8293)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8293 advisory. firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local...

RockyLinux 9 : thunderbird (RLSA-2025:14640)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:14640 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due...

Linux Distros Unpatched Vulnerability : CVE-2023-25736

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid downcast from nsHTMLDocument to nsIContent could have lead to undefined behavior. This vulnerability affects Firefox 110. CVE-2023-25736 Note that...

Linux Distros Unpatched Vulnerability : CVE-2023-25733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The return value from gfx::SourceSurfaceSkia::Map wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2022-46878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of the...

Linux Distros Unpatched Vulnerability : CVE-2019-9814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presu...

TencentOS Server 2: firefox (TSSA-2023:0316)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0316 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 3: firefox (TSSA-2023:0104)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0104 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

FreeBSD : Mozilla -- Memory safety bugs (a5b553e5-3d7c-11f0-9a55-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a5b553e5-3d7c-11f0-9a55-b42e991fc52e advisory. [email protected] reports: Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR...

FreeBSD : Mozilla -- Memory corruption (2e0ff31b-13c8-11f0-a5bd-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2e0ff31b-13c8-11f0-a5bd-b42e991fc52e advisory. [email protected] reports: Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR...

Debian dla-4109 : firefox-esr - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4109 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4109-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2023-5725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This...

CVE-2025-1930 AudioIPC StreamData could trigger a use-after-free in the Browser process

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird...

Linux Distros Unpatched Vulnerability : CVE-2013-0783

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbir...