38 matches found
firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...
Important: gnutls
Issue Overview: GnuTLS didn't check that DTLS fragments claimed a consistent messagelength value. Additionally, a crucial array size check was missing, enabling an attacker to cause a heap overwrite. CVE-2026-33846 A flaw was found in gnutls. This vulnerability occurs because gnutls performs...
Mozilla Firefox < 150.0.1
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 150.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-35 advisory. - Memory safety bugs present in Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence...
Azul Zulu Java Multiple Vulnerabilities (2026-01-20)
The version of Azul Zulu installed on the remote host is 6 prior to 6.77.0.12 / 7 prior to 7.83.0.12 / 8 prior to 8.91.0.12 / 11 prior to 11.85.12 / 17 prior to 17.63.12 / 21 prior to 21.47.14 / 25 prior to 25.31.14. It is, therefore, affected by multiple vulnerabilities as referenced in the...
MiracleLinux 4 : thunderbird-78.13.0-1.0.1.AXS4 (AXSA:2021-2374:16)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2374:16 advisory. Mozilla: Uninitialized memory in a canvas object could have led to memory corruption CVE-2021-29980 Mozilla: Incorrect instruction reordering during...
RHEL 8 : thunderbird (RHSA-2026:0023)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0023 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6,...
Mozilla Thunderbird < 45.8
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 45.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-07 advisory. - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard,...
Mozilla Thunderbird < 91.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-41 advisory. - Mozilla developers Tyson Smith, Christian Holler, and Gabriele Svelto reported memory safety bugs present...
Mozilla Thunderbird < 140.4
The version of Thunderbird installed on the remote Windows host is prior to 140.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-85 advisory. - Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of...
AlmaLinux 10 : thunderbird (ALSA-2025:18320)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:18320 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textur...
Mozilla Thunderbird < 140.3
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-78 advisory. - Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142...
thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs are present in the following versions: Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141, a...
TencentOS Server 4: mozjs (TSSA-2025:0648)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0648 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Mozilla Firefox ESR < 115.26
The version of Firefox ESR installed on the remote Windows host is prior to 115.26. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-57 advisory. - Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0,...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Mozilla: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of the...
Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
Memory safety flaws were found in Mozilla Firefox and Thunderbird. Memory corruption that an attacker could leverage with enough effort, could allow arbitrary code to run. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
Mozilla Firefox ESR < 31.2 Multiple Vulnerabilities
Binary data 701248.prm...
Mozilla Tackles Two Critical Flaws with Firefox 67 Release
Mozilla patched several critical vulnerabilities with the release of its Firefox 67 browser on Tuesday. The worst of the bugs patched are two memory safety flaws that could allow attackers to exploit the vulnerabilities to take control of an affected system, according to a security bulletin issue...
Mozilla: Miscellaneous memory safety hazards (rv:45.2) (MFSA 2016-49)
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...