19 matches found

Tenable Nessus
added 2026/05/13 12:0 a.m., 14 views

AlmaLinux 9 : thunderbird (ALSA-2026:15892)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:15892 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScrip...

CVSS 9.8, AI score 6, EPSS 0.04938
Exploits 1, References 27
OSV
added 2026/05/09 4:24 p.m., 9 views

MGASA-2026-0125 Updated thunderbird packages fix security vulnerabilities

Use-after-free in the DOM: Core & HTML component. CVE-2026-6746 Use-after-free in the WebRTC component. CVE-2026-6747 Uninitialized memory in the Audio/Video: Web Codecs component. CVE-2026-6748 Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. CVE-2026-6749...

CVSS 9.8, AI score 5.8, EPSS 0.00586
Exploits 0, References 6
OSV
added 2026/05/09 4:24 p.m., 6 views

MGASA-2026-0124 Updated rootcerts, nss & firefox packages fix security vulnerabilities

Use-after-free in the DOM: Core & HTML component. CVE-2026-6746 Use-after-free in the WebRTC component. CVE-2026-6747 Uninitialized memory in the Audio/Video: Web Codecs component. CVE-2026-6748 Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. CVE-2026-6749...

CVSS 9.8, AI score 5.8, EPSS 0.00586
Exploits 0, References 8
Tenable Nessus
added 2026/05/07 12:0 a.m., 12 views

RockyLinux 8 : thunderbird (RLSA-2026:13537)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13537 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScri...

CVSS 9.8, AI score 5.9, EPSS 0.04938
Exploits 1, References 51
SUSE CVE
added 2026/05/06 1:41 a.m., 9 views

SUSE CVE-2026-42041

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution to silently suppress all HTTP error responses 401, 403, 500, etc., causing them to be...

CVSS 6.5, AI score 5.8, EPSS 0.00611
Exploits 1, References 3
Tenable Nessus
added 2026/04/27 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-42041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution Gadget...

CVSS 8.2, AI score 5.8, EPSS 0.00611
Exploits 1, References 4
Positive Technologies
added 2026/04/24 12:0 a.m., 6 views

PT-2026-35050

Name of the Vulnerable Software and Affected Versions Axios versions prior to 1.15.1 Axios versions prior to 0.31.1 Description The library is susceptible to a Prototype Pollution Gadget attack. This occurs because the validateStatus configuration property utilizes the mergeDirectKeys merge...

CVSS 8.2, AI score 5.8, EPSS 0.00611
Exploits 1, References 260
RedHat Linux
added 2026/01/05 1:36 a.m., 7 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

CVSS 9.8, AI score 7.3, EPSS 0.00498
Exploits 2, References 11
AlmaLinux
added 2026/01/05 12:0 a.m., 8 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC: Signaling component CVE-2025-14321 firefox: JIT...

CVSS 9.8, AI score 7.7, EPSS 0.00498
Exploits 2, References 22
Tenable Nessus
added 2026/01/05 12:0 a.m., 3 views

RHEL 8 : firefox (RHSA-2026:0015)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0015 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVSS 9.8, AI score 8.3, EPSS 0.00498
Exploits 2, References 22
Tenable Nessus
added 2025/12/12 12:0 a.m., 3 views

AlmaLinux 8 : firefox (ALSA-2025:23128)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:23128 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

CVSS 9.8, AI score 8.7, EPSS 0.00498
Exploits 2, References 12
Tenable Nessus
added 2025/12/11 12:0 a.m., 3 views

RockyLinux 10 : firefox (RLSA-2025:23035)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23035 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free i...

CVSS 9.8, AI score 8.7, EPSS 0.00498
Exploits 2, References 21
Kaspersky
added 2025/12/09 12:0 a.m., 6 views

KLA90808 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in the WebR...

CVSS 9.8, AI score 8.8, EPSS 0.00498
Exploits 2, References 3
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2015-3276

Malware in sbrugna...

CVSS 7.2, AI score 6.1, EPSS 0.005
Exploits 1, References 9
Positive Technologies
added 2025/01/01 12:0 a.m., 3 views

PT-2025-40972

Name of the Vulnerable Software and Affected Versions Ruby versions prior to 3.4.7 Description The URI gem contained a flaw that allowed for credential leakage, bypassing previous fixes. This issue impacts systems utilizing the URI gem and could potentially expose sensitive information...

CVSS 7.5, AI score 7.5, EPSS 0.0051
Exploits 0, References 61
OSV
added 2024/07/10 11:15 p.m., 3 views

CVE-2024-39561

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with SYN/FIN or SYN/RST flags, bypassing the expected blocking of these packets. A TCP packet with SYN/F...

CVSS 6.9, AI score 5.8, EPSS 0.00313
Exploits 0, References 1
SUSE CVE
added 2023/02/15 5:31 a.m., 2 views

SUSE CVE-2014-1491

Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote...

CVSS 4.3, AI score 8.9, EPSS 0.04664
Exploits 1, References 9
Ubuntu
added 2015/02/26 11:22 a.m., 75 views

USN-2516-1: Linux kernel vulnerabilities

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS...

CVSS 7.8, AI score 6.8, EPSS 0.05489
Exploits 4
Apache Httpd
added 2009/03/09 12:0 a.m., 41 views

Apache Httpd < 2.2.12 : AllowOverride Options handling bypass

A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended...

CVSS 4.9, AI score 2.1, EPSS 0.01955
Exploits 4, Affected Software 1