CVE-2026-0088

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0088

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

From Preventive to Reactive: How AI Coding Assistants Transform Developers' Security Awareness

AI coding assistants are now central to professional software development, yet their impact on how developers think about and practice security remains poorly understood. While prior work has documented vulnerability rates in AI-generated code, a more fundamental question persists: how do these...

CVE-2025-50328

A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web MotW protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the 'Zone.Identifier' alternate dat...

MiracleLinux 8 : firefox-115.14.0-2.el8_10.ML.1 (AXSA:2024-8694:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8694:28 advisory. Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory...

MiracleLinux 8 : thunderbird-115.14.0-1.el8_10.ML.1 (AXSA:2024-8693:19)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8693:19 advisory. Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory...

MiracleLinux 9 : firefox-115.14.0-2.el9_4.ML.1 (AXSA:2024-8689:27)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8689:27 advisory. Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory...

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics formerly CJ Korea Express. "The threat actor leveraged QR codes...

PT-2025-45060

Name of the Vulnerable Software and Affected Versions Cursor versions 1.7.28 and below Description Cursor is a code editor designed for programming with AI. An input validation issue within Cursor’s MCP server installation allows maliciously crafted deep-links to circumvent standard security...

EUVD-2024-48430

Malicious code in bioql PyPI...

TencentOS Server 4: thunderbird (TSSA-2024:0668)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0668 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2024-7523

A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This issue only affects Android versions of Firefox. This vulnerability affects Firefox 129...

RLSA-2024:5402 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shared memory handling CVE-2024-7519 mozilla: Type...

RockyLinux 8 : thunderbird (RLSA-2024:5402)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5402 advisory. Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access ...

Astra Linux – Vulnerability in Firefox, Thunderbird

The date picker may partially obscure security prompts. A malicious site could use this feature to trick users into granting permissions. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

Updated firefox packages fix security vulnerabilities

The updated package provides Firefox 128 for all mandatory arches of Mageia x8664, i586 and aarch64, fixing several bugs, including security vulnerabilities, for i586 and aarch64: Fullscreen notification dialog can be obscured by document content. CVE-2024-7518 Out of bounds memory access in...

openSUSE Security Advisory (SUSE-SU-2024:3507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : thunderbird (ALAS-2024-2629)

The version of thunderbird installed on the remote host is prior to 115.14.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2629 advisory. Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be...

Important: thunderbird

Issue Overview: Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird...

Important: thunderbird

Issue Overview: Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird...