MiracleLinux 7 : kernel-3.10.0-1160.99.1.el7 (AXSA:2023-6384:24)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6384:24 advisory. kernel: clsflower: out-of-bounds write in flsetgeneveopt CVE-2023-35788 hw: amd: Cross-Process Information Leak CVE-2023-20593 Tenable has extracted...

MiracleLinux 7 : linux-firmware-20200421-81.git78c0348.el7 (AXSA:2023-6589:09)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6589:09 advisory. hw amd: Return Address Predictor vulnerability leading to information disclosure CVE-2023-20569 hw: amd: Cross-Process Information Leak CVE-2023-205...

MiracleLinux 8 : linux-firmware-20230404-117.git2e92a49f.el8.ML.1 (AXSA:2023-6487:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6487:08 advisory. hw: amd: Cross-Process Information Leak CVE-2023-20593 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 9 : linux-firmware-20230310-135.el9.ML.1 (AXSA:2023-6485:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6485:07 advisory. hw: amd: Cross-Process Information Leak CVE-2023-20593 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:4006-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4006-1 advisory. This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

RHEL 8 : thunderbird (RHSA-2025:19941)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:19941 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: firefox: Memory safety bugs CVE-2025-11714...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

AlmaLinux 8 : thunderbird (ALSA-2025:18983)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:18983 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL texture...

SUSE-SU-2025:3775-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. - CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance - CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures -...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414616)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414616 advisory. An issue was discovered in the Linux kernel before 5.11.11. The user mode driver UMD has a copyprocess memory leak, related to a lack of cleanup steps in...

Linux Distros Unpatched Vulnerability : CVE-2021-29649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.11.11. The user mode driver UMD has a copyprocess memory leak, related to a lack of cleanup steps in...

PT-2025-33563

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s drm/amdkfd subsystem where calling mmput from an MMU notifier callback can lead to a deadlock if the process is exiting. This deadlock can cause a...