67 matches found
CVE-2026-46056
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in SSP passkey handlers hciconn lookup and field access must be covered by hdev lock in hciuserpasskeynotifyevt and hcikeypressnotifyevt, otherwise the connection can be freed concurrently...
firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution...
MiracleLinux 7 : firefox-128.5.1-1.0.1.el7.AXS7 (AXSA:2024-9409:41)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9409:41 advisory. firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims CVE-2024-11694 firefox: thunderbird: Unhandled Exception in Add-on...
EUVD-2015-3366
Malware in sbrugna...
EUVD-2022-48349
Malicious code in bioql PyPI...
TencentOS Server 4: firefox (TSSA-2024:1058)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1058 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
MAL-2025-4841 Malicious code in keypress-win (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f954e50f0d90246c5d2855aca594a6179bc90df76259b2b657e357f06af6cb2c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in keypress-win (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f954e50f0d90246c5d2855aca594a6179bc90df76259b2b657e357f06af6cb2c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Astra Linux – Vulnerability in Firefox, Thunderbird
When handling keypress events, an attacker might have been able to trick a user into bypassing the “Open Executable File?” confirmation dialog. This could have led to the execution of malicious code. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...
RLSA-2024:10752 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims CVE-2024-11694 firefox: thunderbird: Unhandled Exception in Add-on Signature Verification...
RockyLinux 8 : thunderbird (RLSA-2024:10591)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10591 advisory. thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message CVE-2024-11159 firefox: thunderbird: CSP Bypass and XSS Exposure via Web...
firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution...
firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution...
firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution...
firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution...
firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution...
firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution...