Astra Linux - уязвимость в firefox

The NSCDeriveKey function inadvertently assumed that the phKey parameter was always non-NULL. When the parameter was passed as NULL, a segmentation fault occurred, resulting in crashes. This behavior conflicts with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanism...

Astra Linux - уязвимость в firefox, thunderbird, expat

The lookup function in xmlparse.c within Expat also known as libexpat has an integer overflow before version 2.4.3...

firefox: thunderbird: Incorrect boundary conditions in the WebRTC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC component...

firefox: thunderbird: Other issue in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Libraries component in NSS...

firefox: thunderbird: Other issue in the Storage: IndexedDB component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Storage: IndexedDB component...

firefox: thunderbird: Incorrect boundary conditions in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 9 : firefox (RHSA-2026:7671)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7671 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

CVE-2026-4714

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video component...

CVE-2026-4708

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...

CVE-2026-4689

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...

CVE-2026-4684

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Race condition, use-after-free in the Graphics: WebRender component...

libvpx: Heap buffer overflow in libvpx

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Heap buffer overflow in libvpx...

firefox: thunderbird: Incorrect boundary conditions in the Web Audio component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Web Audio component...

firefox: thunderbird: Incorrect boundary conditions in the WebRTC: Audio/Video component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC: Audio/Video component...

Linux Distros Unpatched Vulnerability : CVE-2026-2791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

MiracleLinux 9 : firefox-128.4.0-1.el9_4.ML.1 (AXSA:2024-8972:37)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8972:37 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox:...

MiracleLinux 9 : thunderbird-91.10.0-1.el9.ML.1 (AXSA:2022-4019:18)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4019:18 advisory. Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email CVE-2022-1834 Mozilla: Cross-Origin resource...

RHEL 8 : thunderbird (RHSA-2025:22791)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:22791 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Mitigation bypass in the DOM: Security component...