Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 8 : firefox-128.8.0-1.el8_10.ML.1 (AXSA:2025-9730:07)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9730:07 advisory. firefox: Use-after-free in WebTransportChild CVE-2025-1931 firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process...

8.8CVSS6.8AI score0.00519EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 7 : firefox-128.8.0-1.0.1.el7.AXS7 (AXSA:2025-9734:08)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9734:08 advisory. firefox: Use-after-free in WebTransportChild CVE-2025-1931 firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process...

8.8CVSS6.8AI score0.00519EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-7439

Malicious code in bioql PyPI...

6.5CVSS8AI score0.00433EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in Firefox

It was possible to interrupt the processing of a RegExp bailout and execute additional JavaScript code, potentially triggering garbage collection when the engine did not expect it. This vulnerability has been fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

6.5CVSS6.8AI score0.00433EPSS
Exploits0References3
OSV
OSV
added 2025/03/14 3:40 p.m.4 views

OESA-2025-1266 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbag...

8.1CVSS9.4AI score0.00519EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2025/03/13 6:57 a.m.7 views

firefox: Unexpected GC during RegExp bailout processing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it...

6.5CVSS7.3AI score0.00433EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2025/03/12 3:12 p.m.2 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 128.8 MFSA 2025-18 bsc1237683: CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931:...

8.8CVSS7.8AI score0.00519EPSS
Exploits1References26
RedHat Linux
RedHat Linux
added 2025/03/10 6:14 a.m.6 views

firefox: Unexpected GC during RegExp bailout processing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it...

6.5CVSS7.3AI score0.00433EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/03/06 11:54 a.m.7 views

firefox: Unexpected GC during RegExp bailout processing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it...

6.5CVSS7.3AI score0.00433EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2025/03/05 10:59 a.m.1 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Security Vulnerabilities fixed in Firefox ESR 128.8 MFSA 2025-16 bsc1237683 - CVE-2024-43097: Overflow when growing an SkRegion's RunArray - CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process -...

8.8CVSS8.1AI score0.00519EPSS
Exploits1References22
RedhatCVE
RedhatCVE
added 2025/03/04 6:17 p.m.20 views

CVE-2025-1934

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it...

6.5CVSS7.7AI score0.00433EPSS
Exploits0References6
OSV
OSV
added 2025/03/04 2:15 p.m.9 views

CVE-2025-1934

It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability affects Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

6.5CVSS7AI score
Exploits0References6
CVE
CVE
added 2025/03/04 1:31 p.m.144 views

CVE-2025-1934

CVE-2025-1934 is a Firefox/Thunderbird memory-safety issue caused by interrupting the RegExp bailout, which could trigger garbage collection when not expected. Affected: Firefox before 136, Firefox ESR before 128.8, Thunderbird before 136, and Thunderbird before 128.8. Exploitation status is not ...

6.5CVSS6.9AI score0.00433EPSS
Exploits0References6Affected Software2
FreeBSD
FreeBSD
added 2025/03/04 12:0 a.m.11 views

mozilla -- memory corruption

[email protected] reports: CVE-2025-1938: Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrar...

6.5CVSS8AI score0.00433EPSS
Exploits0References3
Mozilla
Mozilla
added 2025/03/04 12:0 a.m.19 views

Security Vulnerabilities fixed in Thunderbird 136 — Mozilla

Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. When requesting an OpenPGP key from a WKD server, an incorrect padding size was used and a network observer could hav...

8.8CVSS8.4AI score0.00497EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder