Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987430)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987430 advisory. Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox...

[SECURITY] Fedora 42 Update: cef-139.0.37^chromium139.0.7258.154-1.fc42

CEF is an embeddable build of Chromium, powered by WebKit Blink...

[SECURITY] Fedora 42 Update: chromium-139.0.7258.154-1.fc42

Chromium is an open-source web browser, powered by WebKit Blink...

[SECURITY] Fedora 41 Update: chromium-139.0.7258.154-1.fc41

Chromium is an open-source web browser, powered by WebKit Blink...

CVE-2025-9132

Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

KLA86792 ACE vulnerability in Google Chrome

ACE vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2025-9132 critical Solution Update to the latest version Download Google Chrome...

DEBIAN-CVE-2025-8882

Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-8901

Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2025-8880

CVE-2025-8880 describes a race in V8 within Google Chrome before 139.0.7258.127, allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Connected documents corroborate: Chromium/Chrome security notes identify this race in V8 as a high-severity issue and Chr...

[SECURITY] Fedora 42 Update: chromium-139.0.7258.66-1.fc42

Chromium is an open-source web browser, powered by WebKit Blink...

Linux Distros Unpatched Vulnerability : CVE-2025-6436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort so...

CVE-2025-8578

Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

OESA-2025-1633 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox 139,...

Mozilla Thunderbird Security Update (mfsa_2025-45) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox Security Update (mfsa_2025-42) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Firefox Security Update (mfsa_2025-42) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox 139 and Thunderbird 139...

CVE-2025-5270 SNI was sometimes unencrypted

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 139, Firefox ESR versions prior to 115.24, and Firefox ESR versions prior to 128.11, which stems from a mishandling of script...

CVE-2025-5020

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS 139...