WebAssembly Micro Runtime 缓冲区错误漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

PT-2025-48092

Name of the Vulnerable Software and Affected Versions WebAssembly Micro Runtime WAMR versions prior to 2.4.4 Description WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. An out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM...

AlmaLinux 10 : thunderbird (ALSA-2025:21843)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:21843 advisory. firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox:...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:4195-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4195-1 advisory. - Update Mozilla Thunderbird to version 140.5 bsc1253188 - CVE-2025-13012: Race condition in the...

PT-2025-48091

Name of the Vulnerable Software and Affected Versions WebAssembly Micro Runtime WAMR versions prior to 2.4.4 Description WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Versions prior to 2.4.4 are susceptible to a segmentation fault in the v128.store...

Malicious code in @postman/secret-scanner-wasm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5d1604689ef91985fbc1fe9f8958eb7a50835e71b7cfa4125de687ca37c2d19 The package @postman/secret-scanner-wasm was found to contain malicious code. Source: google-open-source-security...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.5.0 ESR bsc1253188 CVE-2025-13012: Race condition in the Graphics component. CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. CVE-2025-13017: Same-origi...

SUSE-SU-2025:4174-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Update to Firefox Extended Support Release 140.5.0 ESR bsc1253188 - CVE-2025-13012: Race condition in the Graphics component. - CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. - CVE-2025-13017:...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.5.0 ESR bsc1253188 CVE-2025-13012: Race condition in the Graphics component. CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. CVE-2025-13017: Same-origi...

SUSE-SU-2025:4173-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Update to Firefox Extended Support Release 140.5.0 ESR bsc1253188 - CVE-2025-13012: Race condition in the Graphics component. - CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. - CVE-2025-13017:...

Google Chrome < 124.0.6367.60 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 124.0.6367.60. It is, therefore, affected by multiple vulnerabilities as referenced in the 202404stable-channel-update-for-desktop16 advisory. - Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a...

RockyLinux 10 : thunderbird (RLSA-2025:21843)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21843 advisory. firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox:...

RockyLinux 8 : thunderbird (RLSA-2025:21881)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21881 advisory. firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox:...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

firefox security update

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

firefox security update

An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

RLSA-2025:21280 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox: Incorrect boundary...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

RLSA-2025:21881 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox: Incorrect boundary conditions in the JavaScript: WebAssembly compone...

RHEL 10 : thunderbird (RHSA-2025:21843)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21843 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Mitigation bypass in the DOM: Security component...