Lucene search
K

25 matches found

AstraLinux
AstraLinux
added 2026/04/01 3:55 a.m.7 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the libvpx component in Google Chrome prior to version 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.6 views

RockyLinux 8 : libvpx (RLSA-2023:5537)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5537 advisory. libvpx: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 libvpx: crash related to VP9 encoding in libvpx CVE-2023-44488 Tenable has extracted...

8.8CVSS7.3AI score0.49013EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.0 views

MiracleLinux 8 : libvpx-1.7.0-13.el8_10 (AXSA:2026-287:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-287:01 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

8.8CVSS6.1AI score0.006EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/09 12:0 a.m.4 views

RHEL 8 : thunderbird (RHSA-2026:3979)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3979 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox:...

10CVSS6.1AI score0.00604EPSS
Exploits0References78
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

MiracleLinux 9 : thunderbird-140.8.0-1.el9_7.ML.1 (AXSA:2026-264:05)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-264:05 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety...

10CVSS6.1AI score0.00604EPSS
Exploits0References39
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

RockyLinux 10 : thunderbird (RLSA-2026:3517)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3517 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bu...

10CVSS6.1AI score0.00604EPSS
Exploits0References77
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.15 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1469)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1469 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area...

8.8CVSS6.1AI score0.006EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.12 views

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-053 (ALASFIREFOX-2026-053)

The version of firefox installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-053 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. Th...

8.8CVSS6.1AI score0.006EPSS
Exploits1References8
Amazon
Amazon
added 2026/03/06 12:0 a.m.5 views

Important: thunderbird

Issue Overview: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating...

8.8CVSS6.2AI score0.006EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.3 views

MiracleLinux 9 : firefox-140.8.0-2.el9_7.ML.1 (AXSA:2026-241:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-241:03 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety...

10CVSS6.2AI score0.00604EPSS
Exploits0References39
Rockylinux
Rockylinux
added 2026/03/03 9:9 a.m.10 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

10CVSS6.1AI score0.00604EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/02 6:15 a.m.5 views

libvpx: Heap buffer overflow in libvpx

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Heap buffer overflow in libvpx...

8.8CVSS6AI score0.006EPSS
Exploits0References6
OSV
OSV
added 2026/03/02 12:0 a.m.10 views

ALSA-2026:3517 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR...

10CVSS6.1AI score0.00604EPSS
Exploits0References78
OSV
OSV
added 2026/02/28 12:46 p.m.11 views

OESA-2026-1468 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were render...

8.8CVSS6.1AI score0.006EPSS
Exploits0References3
OSV
OSV
added 2026/02/26 8:43 p.m.7 views

RLSA-2026:3338 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs fixed in Firef...

7.5CVSS5.9AI score0.00604EPSS
Exploits0References39
Tenable Nessus
Tenable Nessus
added 2026/02/26 12:0 a.m.22 views

AlmaLinux 9 : firefox (ALSA-2026:3339)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3339 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...

10CVSS6.1AI score0.00604EPSS
Exploits0References40
UbuntuCve
UbuntuCve
added 2026/02/16 3:18 p.m.5 views

CVE-2026-2447

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...

8.8CVSS7.3AI score0.006EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/16 2:13 p.m.30 views

CVE-2026-2447 Heap buffer overflow in libvpx

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...

0.006EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.2 views

Mozilla Thunderbird < 140.7.2

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.7.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2026-11 advisory. - Heap buffer overflow in libvpx. This vulnerability affects Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR...

8.8CVSS6.1AI score0.006EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/07 12:0 a.m.5 views

Fedora 43 : chromium (2026-db342a4417)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-db342a4417 advisory. Update to 144.0.7559.132 CVE-2026-1861: Heap buffer overflow in libvpx CVE-2026-1862: Type Confusion in V8 Tenable has extracted the preceding...

8.8CVSS5.7AI score0.00579EPSS
Exploits1References3
Rows per page
Query Builder