Malicious Package

Overview @volcenjine/rtc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MiracleLinux 4 : thunderbird-68.11.0-1.AXS4 (AXSA:2020-258:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-258:06 advisory. chromium-browser: Use after free in ANGLE CVE-2020-6463 chromium-browser: Inappropriate implementation in WebRTC CVE-2020-6514 Mozilla: Potential lea...

ROS-20260119-7393

A vulnerability in the pcf85063nvmemread function of the drivers/rtc/rtc-pcf85063.c component of the Linux operating system kernel is related to writing beyond buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to sensitive data, violate its integrity, and...

OESA-2026-1086 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

SUSE SLES16 Security Update : MozillaFirefox (SUSE-SU-2026:20031-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20031-1 advisory. Changes in MozillaFirefox: Firefox Extended Support Release 140.6.0 ESR was released: Fixed: Various security fixes. MFSA 2025-94...

MiracleLinux 8 : thunderbird-140.6.0-1.el8_10.ML.1 (AXSA:2026-021:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-021:01 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free...

[SECURITY] Fedora 42 Update: coturn-4.7.0-4.fc42

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

Amazon Linux 2023 : firefox (ALAS2023-2025-1337)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1337 advisory. Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox 146 and Firefox ESR 140.6. CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in the...

SUSE CVE-2025-68754

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68754

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68754

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

UBUNTU-CVE-2025-68754

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68754

CVE-2025-68754 affects the Linux kernel rtc driver for amlogic-a4. The issue is a double free caused by manually disabling the clock obtained via devm_clk_get_enabled() in error paths, which conflicts with the devm framework’s automatic clock lifecycle management. The recommended remediation is t...

CVE-2025-68754 rtc: amlogic-a4: fix double free caused by devm

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

RLSA-2026:0025 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC: Signaling component CVE-2025-14321 firefox: JIT...

firefox: thunderbird: Use-after-free in the WebRTC: Signaling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the WebRTC: Signaling component...

firefox: thunderbird: Use-after-free in the WebRTC: Signaling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the WebRTC: Signaling component...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

firefox: thunderbird: Use-after-free in the WebRTC: Signaling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the WebRTC: Signaling component...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...