4765 matches found
Oracle Linux 9 : firefox (ELSA-2026-20574)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20574 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...
firefox security update
140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.12.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.12.0-1 - Update to 140.12.0 ESR...
Oracle Linux 9 : thunderbird (ELSA-2026-19348)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-19348 advisory. 140.11.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.11.0 - Add OpenELA debranding 140.11.0-1 - Update to 140.11.0 ESR...
Astra Linux – Vulnerabilities in Firefox, NSS, Thunderbird
Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35...
Oracle Linux 9 : thunderbird (ELSA-2026-21381)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-21381 advisory. 140.11.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.11.0 - Add OpenELA debranding 140.11.0-1 - Update to 140.11.0 ESR...
Astra Linux – Vulnerability in nss
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, allowing for a timing-based side channel attack. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android versions less than 80...
Astra Linux – Vulnerability in nss
The NSS code used for checking PKCS1 v1.5 was leaking information useful for launching Bleichenbacher-style attacks. Both the overall correctness of the padding and the length of the encrypted message were exposed through timing side-channels. By sending a large number of ciphertexts selected by...
Astra Linux – Vulnerability in nss
During ECDSA signature generation, padding is applied in the nonce to ensure that constant-time scalar multiplication is removed. However, this results in variable-time execution that depends on secret data. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android...
DEBIAN-CVE-2026-12505
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
CVE-2026-12505
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
CVE-2026-12505
CVE-2026-12505 concerns the cifs-utils package. The issue: the root-owned cifs.upcall fails to securely drop root privileges before consulting user information, allowing a local, low-privilege attacker to craft a request_key payload that causes the process to enter a controlled environment with a...
Important: Red Hat Security Advisory: 389-ds-base security, bug fix, and enhancement update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2026-12318
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152. CVE-2026-12318 Note that Nessu...
UBUNTU-CVE-2026-12318
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...
CVE-2026-12318
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...
glibc-static-nss-poc
glibc-static-nss-poc Proof of Concept demonstrating how stati...
ROS-20260605-73-0104
The vulnerability of the NSS component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected informatio...
Updated nspr, nss and firefox(-l10n) packages fix security issues
The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...
PT-2026-44907
Name of the Vulnerable Software and Affected Versions Froxlor version 2.3.6 Description A symlink-following flaw exists in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to /.ssh/authorized keys within a customer-controlled home...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...