RHEL 9 : firefox (RHSA-2026:0018)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0018 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : thunderbird (RHSA-2026:0023)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0023 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6,...

OPENSUSE-SU-2026:20002-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: Mozilla Thunderbird 140.5.0 ESR MFSA 2025-91 bsc1253188: CVE-2025-13012 Race condition in the Graphics component CVE-2025-13016 Incorrect boundary conditions in the JavaScript: WebAssembly component...

Open Redirect

Overview litestar-vite is a Vite plugin for Litestar Affected versions of this package are vulnerable to Open Redirect due to missing same-origin validation on redirect targets. The InertiaBack redirect logic trusts the Referer header, and InertiaRedirect accepts a redirectto parameter without...

PT-2026-21723

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A same-origin policy bypass exists in the Networking: JAR component. This allows potential...

CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...

EUVD-2025-205678

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...

CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...

CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...

CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...

CVE-2025-69235

The CVE-2025-69235 entries describe a vulnerability in Whale browser versions prior to 4.35.351.12 where an attacker can bypass the Same-Origin Policy in a sidebar environment. Affected product: Whale browser (desktop). Vulnerable component/area: the sidebar environment handling that enables cros...

CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...

Naver Whale Browser 安全漏洞

Naver Whale Browser is a web browser from Naver, a South Korean company that supports user-defined interfaces. A security vulnerability exists in Naver Whale Browser versions prior to 4.35.351.12, which stems from a same-origin policy bypass in the sidebar environment...

PT-2025-53835

Name of the Vulnerable Software and Affected Versions Whale browser versions prior to 4.35.351.12 Description A flaw exists in Whale browser that allows an attacker to circumvent the Same-Origin Policy within a sidebar environment. This bypass could potentially allow unauthorized access to data o...

RockyLinux 9 : thunderbird (RLSA-2025:23856)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23856 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

firefox: thunderbird: Same-origin policy bypass in the Request Handling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Request Handling component...

CVE-2023-53957

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...

CVE-2023-53957

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...

CVE-2023-53957 Kimai 1.30.10 SameSite Cookie Vulnerability Session Hijacking

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...