MiracleLinux 3 : firefox-24.5.0-1.0.2.AXS3 (AXSA:2014-356:03)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-356:03 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

CVE-2023-25748

By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...

EUVD-2018-11269

Malware in sbrugna...

EUVD-2018-3435

Malware in sbrugna...

EUVD-2007-4572

Malware in sbrugna...

EUVD-2014-4102

Malware in sbrugna...

EUVD-2022-41057

Malicious code in bioql PyPI...

EUVD-2023-58012

Malicious code in bioql PyPI...

CVE-2025-48472

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, there is no check to ensure that the user is disabling notifications for the mailbox to which they already have access. Moreover, the code explicitly implements functionality that if the user does not have...

CVE-2022-21683

Wagtail is a Django based content management system focused on flexibility and user experience. When notifications for new replies in comment threads are sent, they are sent to all users who have replied or commented anywhere on the site, rather than only in the relevant threads. This means that ...

RockyLinux 8 : thunderbird (RLSA-2024:5402)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5402 advisory. Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access ...

CVE-2025-32783 XWiki allows unregistered users to see "public" messages from a closed wiki via notifications from a different wiki

XWiki Platform is a generic wiki platform. A vulnerability in versions from 5.0 to 16.7.1 affects users with Message Stream enabled and a wiki configured as closed from selecting "Prevent unregistered users to view pages" in the Administrations Rights. The vulnerability is that any message sent i...

CVE-2022-49085

CVE-2022-49085 affects the Linux kernel’s drbd path, fixing five use-after-free bugs in get_initial_state where skb could be freed and later dereferenced. The issue arises when notify_initial_state_done and subsequent notify_*_state_change calls free skb on error, leading to a use-after-free via ...

CVE-2025-21704

In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check control transfer buffer size before access If the first fragment is shorter than struct usbcdcnotification, we can't calculate an expectedsize. Log an error and discard the notification instead of reading...

CVE-2025-1018

The CVE-2025-1018 entry concerns Firefox and Thunderbird before version 135, where the fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. The underlying issue can allow spoofing, with a resulting impact described as partial integrity/availability co...

Mozilla Thunderbird < 135.0

The version of Thunderbird installed on the remote Windows host is prior to 135.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-11 advisory. - Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory...

Mozilla Thunderbird < 135.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 135.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-11 advisory. - Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of...

CVE-2024-57799

creationtimestamp| type| source ---|---|--- 2025-01-11 13:05:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1298 2025-01-11 13:17:37+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs6iulxz22 2025-01-11 13:44:27+00:00| seen|...

Mozilla Firefox Security Advisory (MFSA2024-05) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2024-05. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

CVE-2023-48732 Keywords that trigger mentions are leaked to other users

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to everyone else in the channel...