Security Vulnerabilities fixed in Firefox ESR 128.14 — Mozilla

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. Same-origin policy bypass in the Graphics: Canvas2D component. Uninitialized memory ...

Security Vulnerabilities fixed in Firefox ESR 115.27 — Mozilla

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. Same-origin policy bypass in the Graphics: Canvas2D component. Memory safety bugs...

KLA86785 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability in the GMP process can be...

Linux Distros Unpatched Vulnerability : CVE-2021-39886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Permissions rules were not applied while issues were moved between projects of the same group in GitLab versions starting with 10.6 and up to 14.1.7 allowing...

Linux Distros Unpatched Vulnerability : CVE-2021-21334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through...

Linux Distros Unpatched Vulnerability : CVE-2023-27932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9....

Linux Distros Unpatched Vulnerability : CVE-2018-6161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

SUSE CVE-2025-38501

In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated...

CVE-2025-38501

In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated...

DEBIAN-CVE-2025-38501

In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated...

UBUNTU-CVE-2025-38501

In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated...

CVE-2025-38501 ksmbd: limit repeated connections from clients with the same IP

In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated...

CVE-2025-38501 ksmbd: limit repeated connections from clients with the same IP

In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated...

PT-2025-33536

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in ksmbd where repeated connections from clients using the same IP address can exhaust connection limits, potentially preventing legitimate client...

Linux Distros Unpatched Vulnerability : CVE-2019-11742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a element due to an error in how...

Linux Distros Unpatched Vulnerability : CVE-2022-21546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written...

CVE-2025-20302 Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this...

CVE-2025-9039

This CVE affects the Amazon ECS container agent: versions 0.0.3 through 1.97.0 allow an introspection server to be accessed off-host between instances in the same security group or when security groups permit inbound connections to the introspection port 51678. The issue is addressed in ECS agent...

PT-2025-51729

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s io uring/zctx functionality related to chained notification contexts. The issue involves incorrectly handling notification completion, potentially...

CVE-2025-2183

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root...