Updated firefox packages fix security vulnerabilities

Race condition in the Graphics component. CVE-2025-13012 Mitigation bypass in the DOM: Core & HTML component. CVE-2025-13013 CVE-2025-13014: Use-after-free in the Audio/Video component. CVE-2025-13014 Spoofing issue in Firefox. CVE-2025-13015 Incorrect boundary conditions in the JavaScript:...

RHEL 9 : firefox (RHSA-2025:21280)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21280 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

firefox: thunderbird: Use-after-free in the WebRTC: Audio/Video component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the WebRTC: Audio/Video component...

ROS-20251112-07

Vulnerability in Google Chrome browser's JavaScript script handler V8 is related to information disclosure through inconsistency. Exploitation of the vulnerability could allow an attacker, acting remotely, gain unauthorized access to protected information A vulnerability in the WebRTC component o...

CVE-2025-13020

Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

CVE-2025-13020 Use-after-free in the WebRTC: Audio/Video component

Use-after-free in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

kernel: rtc: check if __rtc_read_time was successful in rtc_timer_do_work()

A vulnerability was found in the Linux kernel's RTC driver in the rtctimerdowork function, where the rtcreadtime call may fail. This issue results in uninitialized data in the rtctime struct. It can lead to the generation of extremely large values, causing periodic timer failures and potentially...

kernel: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read

In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer size less than 4 byte...

Mozilla Firefox ESR < 140.5

The version of Firefox ESR installed on the remote Windows host is prior to 140.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-88 advisory. - Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox 145 and Firefox ESR 140.5...

Exploit for Out-of-bounds Write in Google Chrome

Chrome Emergency Security Update !Securityhttps://img.shie...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990490)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990490 advisory. In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platformgetresource It will cause null-ptr-deref if...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988655 advisory. In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platformgetresource It will cause null-ptr-deref if...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989284)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989284 advisory. In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpiinstallfixedeventhandler...

EUVD-2022-55677

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.7 / Nagios XI 5.8.9 contains a cross-site scripting XSS vulnerability via the Audit Log page search input. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in...

Fedora 43 : cef (2025-1e8f05e0a6)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1e8f05e0a6 advisory. Update to 140.1.15^chromium140.0.7339.207 rhbz2396308 CVE-2025-10890: Side-channel information leakage in V8 CVE-2025-10891: Integer overflow in V8...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987700 advisory. In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platformgetresource It will cause null-ptr-deref if...

Security update for chrony

This update for chrony fixes the following issues: Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

Linux Distros Unpatched Vulnerability : CVE-2022-50477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rtc: class: Fix potential memleak in devmrtcallocatedevice devmrtcallocatedevice will alloc ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987149)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987149 advisory. In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpiinstallfixedeventhandler...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-383753)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383753 advisory. In the Linux kernel, the following vulnerability has been resolved: rtc: check if rtcreadtime was successful in rtctimerdowork If the rtcreadtime call fails,, the...