RLSA-2026:19160 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

Amazon Linux 2023 : firefox (ALAS2023-2026-1725)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1725 advisory. In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input. CVE-2026-45186 Use-after-free in th...

RHEL 10 : firefox (RHSA-2026:19160)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19160 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

MGASA-2026-0145 Updated firefox & thunderbird packages fix security vulnerabilities

LZ4 compression library issue. CVE-2025-62813 libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content. CVE-2026-32776 libexpat before 2.7.5 allows an infinite loop while parsing DTD content. CVE-2026-32777 libexpat before 2.7.5 allows a NULL pointer...

Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.53 fixes various security issues The following security issues were fixed: CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimer...

Linux Distros Unpatched Vulnerability : CVE-2025-71097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fibtableflush is...

CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...

SUSE-SU-2025:20982-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019 - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631 - CVE-2025-38618: vsock: Do not allow binding to...

SUSE-SU-2025:03310-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49492: nvme-pci: fix a NULL pointer dereference in nvmeallocadmintags bsc1238954. - CVE-2022-50116: tty: ngsm: fix deadlock and link starvation in outgoing...

SUSE CVE-2022-49060

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereference in smcpnetfindib devname was called with dev.parent as argument but without to NULL-check it before. Solve this by checking the pointer before the call to devname...

DEBIAN-CVE-2022-49204

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more data after tcpbpfsendmsgredir: tcpbpfsendverdict tosend = msg-sg.size //msg-sg.size = 22220 case SKREDIRECT: skmsgreturn //uncharged...

UBUNTU-CVE-2024-50034

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsksynmss with IPPROTOSMC Eric report a panic on IPPROTOSMC, and give the facts that when INETPROTOSWICSK was set, icsk-icsksyncmss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...

OESA-2024-1175 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial porti...

Unbreakable Enterprise kernel security update

5.4.17-2136.318.7.1 - KVM: arm64: Disabling disabled PMU counters wastes a lot of time Alexandre Chartre Orabug: 33312587 - KVM: arm64: Don't zero the cycle count register when PMCREL0.P is set Alexandru Elisei Orabug: 33312587 - KVM: arm64: pmu: Only handle supported event counters Eric Auger...

Immunity Canvas: JBOSS6_JMXINVOKERSERVLET_DESERIALIZE

Name| jboss6jmxinvokerservletdeserialize ---|--- CVE| CVE-2015-7501 Exploit Pack| CANVAS Description| jboss6jmxinvokerservletdeserialize Notes| CVE Name: CVE-2015-7501 VENDOR: Red Hat NOTES: IMPORTANT NOTE: Any instance of this application running Apache Commons Collections version prior to 3.0...