89 matches found
Astra Linux - уязвимость в firefox, thunderbird
A use-after-free occurred in FontFaceSet, resulting in a potentially exploitable crash. This vulnerability has been fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12...
Astra Linux - уязвимость в webkit2gtk
A use-after-free vulnerability exists in the SVG implementation in Blink, as used in Google Chrome before version 35.0.1916.114. This vulnerability allows remote attackers to cause a denial of service or potentially cause unspecified other impacts through vectors that trigger the removal of an...
RLSA-2025:10073 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet CVE-2025-6424 firefox:...
Linux Distros Unpatched Vulnerability : CVE-2011-3443
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service hea...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.12 MFSA 2025-55, bsc1244670: CVE-2025-6424: Use-after-free in FontFaceSet bmo1966423 CVE-2025-6425: The WebCompat WebExtension shipped exposed a persistent UUID bmo1717672 CVE-2025-6426: No warning wh...
SUSE-SU-2025:02368-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.12 MFSA 2025-55, bsc1244670: - CVE-2025-6424: Use-after-free in FontFaceSet bmo1966423 - CVE-2025-6425: The WebCompat WebExtension shipped exposed a persistent UUID bmo1717672 - CVE-2025-6426: No...
webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents
A use-after-free vulnerability was found in the SVG implementation within WebKitGTK. This flaw allows remote attackers to exploit the removal of an SVGFontFaceElement object, which occurs through specific vectors that trigger the deletion of the object during rendering...
MGASA-2025-0201 Updated rootcerts, nss & firefox packages fix security vulnerabilities
CVE-2025-6424: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. CVE-2025-6425: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
firefox: thunderbird: Use-after-free in FontFaceSet
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...
CVE-2022-28368
Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...
webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents
A use-after-free vulnerability was found in the SVG implementation within WebKitGTK. This flaw allows remote attackers to exploit the removal of an SVGFontFaceElement object, which occurs through specific vectors that trigger the deletion of the object during rendering...