RLSA-2025:16109 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...

RLSA-2025:16157 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component CVE-2025-10532 firefox:...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

RLSA-2025:16260 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...

CVE-2025-56551

An issue in DirectAdmin v1.680 allows unauthorized attackers to manipulate the page layout and replace the legitimate login interface with arbitrary attacker-controlled content via supplying a crafted GET request...

CVE-2025-56551

DirectAdmin Evolution Skin (v1.680) is affected. A crafted GET request can cause the page layout to be modified and replace the legitimate login interface with attacker-controlled content. Root cause is unspecified in the documents beyond content manipulation; exploitation status is not detailed....

Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-3008 (ALAS-2025-3008)

The version of thunderbird installed on the remote host is prior to 140.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3008 advisory. Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox 143,...

Noisy Networks, Nosy Neighbors: Inferring Privacy Invasive Information from Encrypted Wireless Traffic

This thesis explores the extent to which passive observation of wireless traffic in a smart home environment can be used to infer privacy-invasive information about its inhabitants. Using a setup that mimics the capabilities of a nosy neighbor in an adjacent flat, we analyze raw 802.11 packets an...

CVE-2025-10940

A vulnerability was found in Total.js CMS 1.0.0. Affected by this vulnerability is the function layoutssave of the file /admin/ of the component Layout Page. Performing manipulation of the argument HTML results in cross site scripting. It is possible to initiate the attack remotely. The exploit h...

AlmaLinux 8 : firefox (ALSA-2025:16260)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:16260 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...

AlmaLinux 9 : thunderbird (ALSA-2025:16156)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:16156 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...

CVE-2025-10940

A vulnerability was found in Total.js CMS 1.0.0. Affected by this vulnerability is the function layoutssave of the file /admin/ of the component Layout Page. Performing manipulation of the argument HTML results in cross site scripting. It is possible to initiate the attack remotely. The exploit h...

PT-2025-39359

Name of the Vulnerable Software and Affected Versions Total.js CMS version 1.0.0 Description A cross site scripting issue exists in Total.js CMS version 1.0.0. The issue is located in the layouts save function within the /admin/ file of the Layout Page component. Manipulation of the HTML argument...

firefox: thunderbird: Same-origin policy bypass in the Layout component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...

RHEL 8 : thunderbird (RHSA-2025:16589)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:16589 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free i...

SUSE-SU-2025:03309-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.3 bsc1249391. Security issues fixed: - MFSA 2025-78 CVE-2025-10527: sandbox escape due to use-after-free in the Graphics: Canvas2D component. CVE-2025-10528: sandbox escape due to undefined behavior,...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.3.0 ESR bsc1249391. MFSA 2025-75: CVE-2025-10527 bmo1984825 Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10528 bmo1986185 Sandbox escape due to undefined behavior,...

firefox: thunderbird: Same-origin policy bypass in the Layout component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...

ALSA-2025:16260 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...