2569 matches found
CVE-2025-48647
In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
OESA-2026-1087 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...
RLSA-2026:0694 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox: thunderbird: Memor...
RockyLinux 8 : firefox (RLSA-2026:0667)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0667 advisory. firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox:...
MiracleLinux 4 : kernel-2.6.32-573.12.1.el6 (AXSA:2016-018:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-018:01 advisory. Security issues fixed with this release: CVE-2015-2925 The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly...
Google Pixel security vulnerabilities
The Google Pixel is a smartphone produced by Google Inc. The Google Pixel has a security vulnerability, which stems from improper input validation in the cpm/google/lib/tracepoint/cpmfwtpipc.c file, specifically in the cpmfwtpmsghandler function. This vulnerability may lead to an increase in loca...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001496)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001496 advisory. A memory overflow vulnerability was found in the Linux kernels ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000951)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000951 advisory. The SMB2tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service NULL pointer dereference and...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001006)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001006 advisory. Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to...
SUSE-SU-2026:20086-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.7.0 ESR bsc1256340. - MFSA 2026-03 bsc1256340 CVE-2026-0877: Mitigation bypass in the DOM: Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphic...
OPENSUSE-SU-2026:20041-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.7.0 ESR bsc1256340. - MFSA 2026-03 bsc1256340 CVE-2026-0877: Mitigation bypass in the DOM: Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphic...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
firefox: thunderbird: Use-after-free in the IPC component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the IPC component...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002393)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002393 advisory. Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service use-after-free and system crash or possibly ha...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002397)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002397 advisory. The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002246)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002246 advisory. Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002465)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002465 advisory. Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to...
SUSE CVE-2026-0882
Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
Mozilla Firefox ESR < 115.32
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.32. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-02 advisory. - Use-after-free in the IPC component. This vulnerability affects Firefox 147, Firefox ESR 115.32, Firefo...
Mozilla Firefox ESR < 115.32
The version of Firefox ESR installed on the remote Windows host is prior to 115.32. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-02 advisory. - Use-after-free in the IPC component. This vulnerability affects Firefox 147, Firefox ESR 115.32, Firefox ESR 140....