RHEL 9 : firefox (RHSA-2026:22410)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22410 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring self-learning capabilities. Versions of Hermes Agent prior to 2026.4.16 contained a security vulnerability. This vulnerability stemmed from improper handling of the executecode function in the Environment Variable Handler...

CVE-2026-6878 ByteDance verl grader.py math_equal sandbox

A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function mathequal of the file primemath/grader.py. The manipulation leads to sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...

RHEL 10 : thunderbird (RHSA-2026:8315)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:8315 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Use-after-free in the JavaScript Engin...

Nocobase 安全漏洞

Nocobase is an open-source low-code platform developed by NocoBase. Versions of Nocobase 2.0.23 and earlier contained security vulnerabilities. These vulnerabilities were caused by improper use of the createSafeConsole function in the...

AstrBot 安全漏洞

AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Versions of AstrBot 4.22.1 and earlier contained a security vulnerability. This vulnerability stemmed from improper handling of the File parameter in the installpluginUpload function within the...

RHEL 9 : thunderbird (RHSA-2026:1415)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:1415 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Spoofing issue in the Downloads Panel component...

RLSA-2026:0924 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.7,...

MiracleLinux 9 : firefox-140.7.0-1.el9_7.ML.1 (AXSA:2026-053:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-053:01 advisory. firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox...

FreeBSD : Mozilla -- multiple vulnerabilities (ff20d3a3-f211-11f0-9ca3-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ff20d3a3-f211-11f0-9ca3-b42e991fc52e advisory. Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed...

RHEL 8 : firefox (RHSA-2026:0667)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0667 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

EUVD-2010-2650

Malware in sbrugna...

EUVD-2018-0259

Malware in sbrugna...

EUVD-2020-22383

Malware in sbrugna...

CLSA-2025-1753799434 java-1.8.0-openjdk: Fix of 19 CVEs

Security fixes from OpenJDK 8u452-b09: - CVE-2025-21587: JSSE issue allowing remote access or modification of sensitive data - CVE-2025-30698: allows limited data access and partial DoS via untrusted Java code - CVE-2025-30691: allows limited data access via untrusted code using compiler APIs -...

NewStart CGSL MAIN 7.02 : flatpak Multiple Vulnerabilities (NS-SA-2025-0146)

The remote NewStart CGSL host, running version MAIN 7.02, has flatpak packages installed that are affected by multiple vulnerabilities: - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 conta...

[SECURITY] [DLA 4173-1] openjdk-17 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4173-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 20, 2025 https://wiki.debian.org/LTS -...

SUSE-SU-2022:1894-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: - CVE-2022-1552: Confine additional operations within 'security restricted operation' sandboxes bsc1199475...

ROS-20220114-02

Vulnerability in Mozilla Thunderbird email client, related to memory usage after memory freeing due to a race condition when playing audio files. Exploitation of the vulnerability could allow an attacker acting remotely to create a specially crafted audio shell, trigger a post-release usage error...

MGASA-2021-0506 Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fix security vulnerabilities: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame CVE-2021-38503. When interacting with an HTML input element's...