RLSA-2025:12188 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...

firefox security update

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

Chromium: CVE-2025-11215 Off by one error in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Google Chrome < 141.0.7390.54 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 141.0.7390.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 202509stable-channel-update-for-desktop30 advisory. - Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a...

SUSE CVE-2025-11153

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 143.0.3...

CVE-2025-11153

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox 143.0.3...

UBUNTU-CVE-2025-11153

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 143.0.3...

CVE-2025-11153

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 143.0.3...

Security Vulnerabilities fixed in Firefox 143.0.3 — Mozilla

CVE-2025-11152: Sandbox escape due to integer overflow in the Graphics: Canvas2D component Reporter Oskar L Impact high References Bug 1987246 CVE-2025-11153: JIT miscompilation in the JavaScript Engine: JIT component Reporter Nan Wang Impact high References Bug 1987481...

Firefox -- JIT miscompilation in the JavaScript Engine

[email protected] reports: JIT miscompilation in the JavaScript Engine: JIT component...

Google Chrome 安全漏洞

Google Chrome is a web browser. v8 is one of the open source JavaScript engines. form is a form state manager. A security vulnerability exists in Google Chrome, which stems from an improper storage implementation that could lead to data disclosure or elevation of privilege...

Chromium: CVE-2025-10891 Integer overflow in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

KLA88448 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Edge Chromium-based can be...

AZL-76335 CVE-2025-10585 affecting package nodejs24 24.13.0-3

Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2025-10890

Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2025-10890

Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2025-10891

Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

External Control of Assumed-Immutable Web Parameter

Overview Affected versions of this package are vulnerable to External Control of Assumed-Immutable Web Parameter via the V8 process. An attacker can cause heap corruption by enticing a user to visit a specially crafted HTML page. Remediation Upgrade chromium to version 140.0.7339.207 or higher...

Improper Protection of Physical Side Channels

Overview Affected versions of this package are vulnerable to Improper Protection of Physical Side Channels via the V8 process. An attacker can access sensitive cross-origin data by enticing a user to visit a specially crafted HTML page. Remediation Upgrade chromium to version 140.0.7339.207 or...

CVE-2025-10892

Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...