9 matches found
RockyLinux 10 : thunderbird (RLSA-2026:6342)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6342 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR...
RHEL 8 : thunderbird (RHSA-2026:4022)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:4022 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox:...
AlmaLinux 10 : thunderbird (ALSA-2026:3517)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3517 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bug...
RockyLinux 10 : thunderbird (RLSA-2026:3517)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3517 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bu...
AlmaLinux 9 : firefox (ALSA-2026:3339)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3339 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...
firefox: thunderbird: Use-after-free when breaking lines in text
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash...
CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32434 Apple Multiple Products Integer Overflow Vulnerability CVE-2023-32435 Apple iOS and iPadOS WebKit Memory Corruption Vulnerability CVE-2023-32439 Apple...
RHEL 8 : firefox (RHSA-2020:2382)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2382 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Mozilla Firefox onreadystatechange Event Use After Free
Added: 08/22/2013 CVE: CVE-2013-1690 BID: 60778 OSVDB: 94584 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A use-after-free vulnerability is triggered when handling onreadystatechange events and Event or Page reloads at t...