RockyLinux 8 : thunderbird (RLSA-2025:21881)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21881 advisory. firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox:...

RockyLinux 10 : firefox (RLSA-2025:21281)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21281 advisory. firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox:...

CVE-2025-11936 Potential DoS Vulnerability through Multiple KeyShareEntry with Same Group in TLS 1.3 ClientHello

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...

CVE-2025-65111 SpiceDB's LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results

SpiceDB is an open source database system for creating and managing security-critical application permissions. Prior to version 1.47.1, if a schema includes the following characteristics: permission defined in terms of a union + and that union references the same relation on both sides but one si...

CVE-2025-65111

CVE-2025-65111 affects SpiceDB prior to version 1.47.1. Affected behavior: when a schema defines a permission as a union and the union references the same relation on both sides (but one side points to a different permission), the LookupResources API may return incomplete results. Other APIs calc...

CVE-2025-65111 SpiceDB's LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results

SpiceDB is an open source database system for creating and managing security-critical application permissions. Prior to version 1.47.1, if a schema includes the following characteristics: permission defined in terms of a union + and that union references the same relation on both sides but one si...

RLSA-2025:21281 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox: Incorrect boundary...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

CVE-2025-64483

Wazuh is a security detection, visibility, and compliance open source project. From version 4.9.0 to before 4.13.0, the Wazuh API – Agent Configuration in certain configurations allows authenticated users with read-only API roles to retrieve agent enrollment credentials through the...

firefox security update

An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

RLSA-2025:21881 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox: Incorrect boundary conditions in the JavaScript: WebAssembly compone...

PT-2025-47815

Name of the Vulnerable Software and Affected Versions SpiceDB versions prior to 1.47.1 Description SpiceDB is a database system used for managing security-critical application permissions. Versions of SpiceDB prior to 1.47.1 may exhibit incomplete LookupResources results when checking permissions...

RHEL 10 : thunderbird (RHSA-2025:21843)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21843 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Mitigation bypass in the DOM: Security component...

firefox: thunderbird: Same-origin policy bypass in the DOM: Notifications component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Notifications component...

firefox: thunderbird: Same-origin policy bypass in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Workers component...

firefox: thunderbird: Same-origin policy bypass in the DOM: Notifications component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Notifications component...

firefox: thunderbird: Same-origin policy bypass in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Workers component...

firefox: thunderbird: Same-origin policy bypass in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Workers component...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

firefox: thunderbird: Same-origin policy bypass in the DOM: Notifications component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Notifications component...