Malicious code in @sfdc-ogs/v1-stable (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2cf5cb65e88f9911d818fe4538c2454d53d9f0bac558bc6bd8bb2f8f8146d2ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-7028 SMM Arbitrary Memory Access via Flash Handler with Unchecked FuncBlock Pointer

A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...

Malicious code in chii-aungpao-new (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e7612d6bbbfb9dc1ad7c5edf5f536d13eaa4e20da2e1a895caeacfb8b0e75140 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OESA-2025-1720 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

UBUNTU-CVE-2025-38188

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...

SAMEP: a Secure Protocol for Persistent Context Sharing across AI Agents

Current AI agent architectures suffer from ephemeral memory limitations, preventing effective collaboration and knowledge sharing across sessions and agent boundaries. We introduce SAMEP Secure Agent Memory Exchange Protocol, a novel framework that enables persistent, secure, and semantically...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

Malicious code in karakeep (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b96143e1a337213c5ae7cdcd914230744fcb082e0645188de5f5fa18b991916 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

Mozilla Thunderbird < 140.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-54 advisory. - Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of...

Security Vulnerabilities fixed in Thunderbird 140 — Mozilla

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. Th...

RHEL 9 : firefox (RHSA-2025:10187)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10187 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...