Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

PT-2026-21737

Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox 148...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...

Mozilla -- Multiple vulnerabilities

CVE-2026-2809: Memory safety bug in the JavaScript: WebAssembly component. CVE-2026-2808: Integer overflow in the JavaScript: Standard Library component...

Firefox -- Multiple vulnerabilities

CVE-2026-2807: Memory safety bugs present in Firefox 147 and Thunderbird 147 CVE-2026-2806: Uninitialized memory in the Graphics: Text component. CVE-2026-2805: Invalid pointer in the DOM: Core & HTML component. CVE-2026-2804: Use-after-free in the JavaScript: WebAssembly component. CVE-2026-2803...

Mozilla多款产品 输入验证错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla Thunderbird < 148.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 148.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-16 advisory. - Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of...

Mozilla Firefox ESR < 140.8

The version of Firefox ESR installed on the remote Windows host is prior to 140.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-15 advisory. - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and...

Mozilla Firefox < 148.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 148.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-13 advisory. - Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory...

Mozilla Thunderbird < 148.0

The version of Thunderbird installed on the remote Windows host is prior to 148.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-16 advisory. - Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory...

Mozilla Thunderbird < 140.8

The version of Thunderbird installed on the remote Windows host is prior to 140.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-17 advisory. - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and...

PT-2026-21757

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...

CVE-2026-27742

Bludit

CVE-2026-25648

Versions of the Traccar open-source GPS tracking system starting with 6.11.1 contain an issue in which authenticated users can execute arbitrary JavaScript in the context of other users' browsers by uploading malicious SVG files as device images. The application accepts SVG file uploads without...

CVE-2026-25648 Traccar Vulnerable to Stored Cross-Site Scripting (XSS) via Malicious SVG File Upload

Versions of the Traccar open-source GPS tracking system starting with 6.11.1 contain an issue in which authenticated users can execute arbitrary JavaScript in the context of other users' browsers by uploading malicious SVG files as device images. The application accepts SVG file uploads without...

CVE-2026-26464

Stored Cross-Site Scripting XSS was found in the /admin/edituser.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the name parameter in a POST...

PT-2026-21559

Name of the Vulnerable Software and Affected Versions Traccar versions 6.11.1 and later Description The Traccar GPS tracking system is affected by an issue where authenticated users can execute arbitrary JavaScript in other users' browsers. This occurs because the application accepts SVG file...

PT-2026-21569

Name of the Vulnerable Software and Affected Versions Bludit version 3.16.2 Description The application does not properly sanitize content input on the server side, despite client-side sanitation. An authenticated user can inject JavaScript into the post content field. This injected script execut...