Lucene search
K

22008 matches found

RedHat Linux
RedHat Linux
added 2026/06/22 4:36 a.m.4 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory...

8.1CVSS5.9AI score0.00476EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 4:36 a.m.6 views

firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

7.5CVSS5.8AI score0.00313EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 4:36 a.m.8 views

firefox: thunderbird: Memory safety bug fixed in Firefox ESR 140.12

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Firefox ESR 140.12...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 4:5 a.m.7 views

firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

7.5CVSS5.8AI score0.00374EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 4:5 a.m.7 views

firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...

5.3CVSS5.8AI score0.00261EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 3:57 a.m.9 views

Moderate: Red Hat Security Advisory: openssl-fips-provider security update

An update for openssl-fips-provider is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 3:49 a.m.6 views

Important: Red Hat Security Advisory: webkitgtk4 security update

An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.8CVSS5.8AI score0.00693EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2026/06/22 2:46 a.m.7 views

Critical: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS5.9AI score0.00563EPSS
Exploits4References3
RedHat Linux
RedHat Linux
added 2026/06/22 2:35 a.m.4 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.9AI score0.00429EPSS
Exploits0References6
Redos
Redos
added 2026/06/22 12:0 a.m.5 views

ROS-20260622-73-0014

The vulnerability of the Audio/Video components in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.5CVSS6.2AI score0.00323EPSS
Exploits0
Redos
Redos
added 2026/06/22 12:0 a.m.5 views

ROS-20260622-73-0012

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.8CVSS6.5AI score0.00316EPSS
Exploits0
Redos
Redos
added 2026/06/22 12:0 a.m.4 views

ROS-20260622-73-0028

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1CVSS6.4AI score0.00384EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.7 views

Oracle Linux 8 : redis:6 (ELSA-2026-26008)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26008 advisory. 6.2.22-1.0.1 - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64 6.2.22-1 - rebase to 6.2.22 for CVE-2026-25243 Tenable has extracted the...

8.8CVSS6AI score0.02995EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 7:16 p.m.7 views

CVE-2026-9375

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS0.00304EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 7:16 p.m.15 views

DEBIAN-CVE-2026-9375

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS6.3AI score0.00304EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/19 6:45 p.m.18 views

CVE-2026-9375 Decompression Bomb Bypass via Negative max_length in Streaming API in urllib3

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS0.00304EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 6:45 p.m.4 views

CVE-2026-9375

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS7.5AI score0.00304EPSS
Exploits0References3
CVE
CVE
added 2026/06/19 6:45 p.m.29 views

CVE-2026-9375

urllib3 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API when Brotli is enabled and preload_content is False. Three code paths in response.py bypass the max_length protection added in 2.6.0 to mitigate CVE-2025-66471: (1) negative max_length can result from buffer arithmeti...

7.5CVSS7.5AI score0.00304EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 5:3 p.m.16 views

CVE-2026-49286 PhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass)

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist. PHP stream wrappers are case-insensitive, so PHAR://, Phar://, etc...

8.1CVSS0.00555EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Tomcat9

Apache Tomcat versions 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43, and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop, resulting in a denial of...

7.5CVSS7.2AI score0.06687EPSS
Exploits0References1
Rows per page
Query Builder