MiracleLinux 9 : thunderbird-102.13.0-2.el9.ML.1 (AXSA:2023-6243:21)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6243:21 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

MiracleLinux 7 : firefox-102.13.0-2.0.1.el7.AXS7 (AXSA:2023-6240:25)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6240:25 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

MiracleLinux 8 : thunderbird-102.13.0-2.el8.ML.1 (AXSA:2023-6238:20)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6238:20 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

MiracleLinux 9 : thunderbird-102.8.0-2.el9.ML.1 (AXSA:2023-5140:11)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5140:11 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

CVE-2025-14330

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

CVE-2025-14331

Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

CVE-2025-14321

Use-after-free in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

CVE-2025-14322

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

CVE-2025-13023

Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145...

CVE-2025-13017

Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

CVE-2025-13027

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...

CVE-2025-13019

Same-origin policy bypass in the DOM: Workers component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

CVE-2025-11712

A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header. This vulnerabilit...

CVE-2025-11710

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

CVE-2025-11721

Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

CVE-2025-11715

Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

EUVD-2013-5459

Malware in sbrugna...

EUVD-2019-3420

Malware in sbrugna...