Lucene search
K

144 matches found

Mageia
Mageia
added 2023/03/24 5:55 a.m.69 views

Updated thunderbird packages fix security vulnerability

Incorrect code generation during JIT compilation. CVE-2023-25751 Potential out-of-bounds when accessing throttled streams. CVE-20223-25752 Invalid downcast in Worklets. CVE-2023-28162 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. CVE-2023-28164 Memor...

8.8CVSS8.8AI score0.00713EPSS
Exploits0References3
OSV
OSV
added 2023/03/24 5:55 a.m.10 views

MGASA-2023-0116 Updated thunderbird packages fix security vulnerability

Incorrect code generation during JIT compilation. CVE-2023-25751 Potential out-of-bounds when accessing throttled streams. CVE-20223-25752 Invalid downcast in Worklets. CVE-2023-28162 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. CVE-2023-28164 Memor...

8.8CVSS8.2AI score0.00713EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.20 views

Oracle Linux 7 : thunderbird (ELSA-2023-1401)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1401 advisory. 102.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.9.0-1 - Update to...

8.8CVSS7.8AI score0.00713EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.31 views

Amazon Linux 2 : thunderbird (ALAS-2023-1988)

The version of thunderbird installed on the remote host is prior to 102.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1988 advisory. The Mozilla Foundation describes this issue as follows: Sometimes, when invalidating JIT code while following an...

8.8CVSS7.9AI score0.00798EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2023/03/21 8:20 a.m.36 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS7.1AI score0.00713EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.21 views

Debian dla-3365 : thunderbird - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3365 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3365-1 [email protected]...

8.8CVSS8.3AI score0.00713EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.29 views

Oracle Linux 9 : firefox (ELSA-2023-1337)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1337 advisory. 102.9.0-3.0.1 - Updated homepages to use https Orabug: 34648274 102.9.0-3 - Update to 102.9.0 build2 102.9.0-2 - removed disable-openh264-download...

8.8CVSS7.8AI score0.00713EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.25 views

Oracle Linux 7 : firefox (ELSA-2023-1333)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1333 advisory. 102.9.0-3.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....

8.8CVSS7.8AI score0.00713EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/20 9:38 a.m.25 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.8CVSS7.1AI score0.00713EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/20 9:38 a.m.35 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.8CVSS7.1AI score0.00713EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/03/20 12:0 a.m.27 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefo...

8.8CVSS9.2AI score0.00713EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.30 views

RHEL 7 : firefox (RHSA-2023:1333)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1333 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS8AI score0.00713EPSS
Exploits0References12
Fedora
Fedora
added 2023/03/18 5:4 a.m.51 views

[SECURITY] Fedora 36 Update: pypy3.7-7.3.9-5.3.7.fc36

PyPy's implementation of Python 3.7, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

9.8CVSS9.3AI score0.05193EPSS
Exploits1
Veracode
Veracode
added 2023/03/16 3:7 p.m.24 views

Denial Of Service (DoS)

firefox-esr is vulnerable to Denial Of Service DoS. The vulnerability exists due to the incorrect code generation during JIT compilation, which allows an attacker to cause an application crash...

6.5CVSS8.1AI score0.0069EPSS
Exploits0References5Affected Software5
OSV
OSV
added 2023/03/14 3:1 p.m.6 views

SUSE-SU-2023:0728-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to version 102.9.0 ESR bsc1209173: - CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android - CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android -...

8.8CVSS8.4AI score0.00798EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 5:22 a.m.4 views

SUSE CVE-2015-0817

The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...

6.8CVSS9.1AI score0.03651EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.3 views

SUSE CVE-2022-1586

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in...

8.6CVSS8.8AI score0.02993EPSS
Exploits0References113
Fedora
Fedora
added 2023/01/12 1:53 a.m.43 views

[SECURITY] Fedora 37 Update: pypy3.8-7.3.11-1.3.8.fc37

PyPy's implementation of Python 3.8, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

9.8CVSS9.1AI score0.05193EPSS
Exploits2
OSV
OSV
added 2022/11/13 2:25 a.m.8 views

MGASA-2022-0417 Updated pcre packages fix security vulnerability

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in...

9.1CVSS9.1AI score0.02993EPSS
Exploits0References10
Fedora
Fedora
added 2022/10/28 11:46 a.m.31 views

[SECURITY] Fedora 35 Update: pypy3.7-7.3.9-4.3.7.fc35

PyPy's implementation of Python 3.7, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

7.4CVSS2AI score0.0199EPSS
Exploits0
Rows per page
Query Builder