261 matches found
RLSA-2025:12188 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
RLSA-2025:13676 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...
CVE-2025-38699 scsi: bfa: Double-free fix
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...
OSV-2025-657 Heap-use-after-free in ftp_pp_statemachine
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=439473053 Crash type: Heap-use-after-free READ 8 Crash state: ftpppstatemachine ftpdoing multirunsingle...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if setmemoryencrypted fails CVE-2024-36913 In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block CVE-2024-41013 In...
Linux Distros Unpatched Vulnerability : CVE-2023-52456
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
firefox: thunderbird: Incorrect JavaScript state machine for generators
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...
CVE-2025-44557
A state machine transition flaw in the Bluetooth Low Energy BLE stack of Cypress PSoC4 v3.66 allows attackers to bypass the pairing process and authentication via a crafted pairingfailed packet...
CVE-2025-44557
A state machine transition flaw in the Bluetooth Low Energy BLE stack of Cypress PSoC4 v3.66 allows attackers to bypass the pairing process and authentication via a crafted pairingfailed packet...
Infineon PSoC4 安全漏洞
Infineon PSoC4 is a programmable system-on-chip PSoC product family from Infineon Germany. A security vulnerability exists in Infineon PSoC4 version v3.66, which stems from a BLE stack state machine transition flaw that could lead to authentication bypass...
PT-2025-27241 · Cypress · Cypress Psoc4
Name of the Vulnerable Software and Affected Versions: Cypress PSoC4 version 3.66 Description: A state machine transition flaw in the Bluetooth Low Energy BLE stack allows attackers to bypass the pairing process and authentication via a crafted pairing failed packet. This flaw enables attackers t...