93 matches found
CVE-2026-34778 Electron: Service worker can spoof executeJavaScript IPC replies
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, a service worker running in a session could spoof reply messages on the internal IPC channel used by webContents.executeJavaScript and...
CVE-2025-68263
In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...
OESA-2025-2596 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Use-after-free vulnerability in MediaTrackGraphImpl::GetInstance. This vulnerability affects Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird...
Amazon Linux 2023 : firefox (ALAS2023-2025-1246)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1246 advisory. Use-after-free in MediaTrackGraphImpl::GetInstance This vulnerability affects Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4. CVE-2025-11708 A compromised web process w...
Updated thunderbird packgaes fix security vulnerabilities
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...
OESA-2025-2477 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...
thunderbird: firefox: Cross-process information leaked due to malicious IPC messages
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...
RHEL 10 : firefox (RHSA-2025:18154)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:18154 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: thunderbir...
CVE-2025-11710
A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...
CVE-2025-11710
A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...
UBUNTU-CVE-2025-11710
A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...
CVE-2025-11710
CVE-2025-11710 is reported across Mozilla products (Firefox and Thunderbird). A compromised web process could abuse malicious IPC messages to cause a privileged browser process to leak memory blocks to the compromised process. Affected: Firefox <144, Firefox ESR <115.29 and <140.4, Thund...
EUVD-2018-16915
Malware in sbrugna...
EUVD-2021-0507
Malware in sbrugna...
EUVD-2015-1378
Malware in sbrugna...
EUVD-2016-2801
Malware in sbrugna...
EUVD-2015-0675
Malware in sbrugna...
EUVD-2015-0676
Malware in sbrugna...
EUVD-2015-0678
Malware in sbrugna...