175 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
When attempting to load a cross-origin resource in an audio/video context, a decoding error may occur. The details of that error may contain information related to the resource. This vulnerability affects Firefox versions earlier than 86, Thunderbird versions earlier than 78.8, and Firefox ESR...
Astra Linux – Vulnerability in Firefox, Thunderbird
A malicious web page could have caused an out-of-bounds write in WebGL, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3295 (ALAS-2026-3295)
The version of thunderbird installed on the remote host is prior to 140.10.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3295 advisory. Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fix...
CVE-2026-5732
Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1...
CVE-2026-5733
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 149.0.2 and Thunderbird 149.0.2...
CVE-2026-5732
Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1...
Mozilla Thunderbird < 140.9.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-29 advisory. - Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and...
SUSE CVE-2026-4693
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4708
Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
SUSE CVE-2026-4716
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
Linux Distros Unpatched Vulnerability : CVE-2026-4702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4698
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
UBUNTU-CVE-2026-4704
Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
UBUNTU-CVE-2026-4685
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4718
Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4709
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4709
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4704 Denial-of-service in the WebRTC: Signaling component
Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4723
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...
CVE-2026-4702
JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...