Lucene search
K

53 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 7 : firefox-128.12.0-1.0.1.el7.AXS7 (AXSA:2025-10426:21)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10426:21 advisory. firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet...

9.8CVSS6.5AI score0.03057EPSS
Exploits0References5
OSV
OSV
added 2025/12/03 8:41 p.m.4 views

OPENSUSE-SU-2025-20135-1 Security update for mozjs128

This update for mozjs128 fixes the following issues: - Update to version 128.14.0 bsc1248162: + CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component + CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component + CVE-2025-9181: Uninitialized memo...

9.8CVSS7.6AI score0.03057EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 3: thunderbird (TSSA-2025:0600)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0600 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS6.2AI score0.03057EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.7 views

TencentOS Server 3: firefox (TSSA-2025:0528)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0528 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS6.2AI score0.03057EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

An attacker who enumerated resources from the WebCompat extension could obtain a persistent UUID that identified the browser. This UUID could be used to switch between container-based modes and normal/private browsing mode, but it could not be used to access profiles. This vulnerability has been...

4.3CVSS5.7AI score0.00249EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987439)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987439 advisory. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers...

4.3CVSS6.4AI score0.00249EPSS
Exploits0References4
OSV
OSV
added 2025/10/04 12:11 a.m.7 views

RLSA-2025:10072 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet CVE-2025-6424 firefox:...

7.5CVSS6.1AI score0.03057EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19101

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00249EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.4 views

firefox security update

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

9.8CVSS7AI score0.03057EPSS
Exploits0
OSV
OSV
added 2025/10/03 7:56 p.m.7 views

RLSA-2025:10073 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet CVE-2025-6424 firefox:...

7.5CVSS6.1AI score0.03057EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-6425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between...

4.3CVSS5.8AI score0.00249EPSS
Exploits0References3
OSV
OSV
added 2025/07/25 1:17 p.m.3 views

OESA-2025-1912 thunderbird security update

Security Fixes: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.CVE-2025-6424 An attacker who enumerated resources from the WebCompat extension coul...

9.8CVSS6.2AI score0.03057EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/07/18 12:38 p.m.3 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.12 MFSA 2025-55, bsc1244670: CVE-2025-6424: Use-after-free in FontFaceSet bmo1966423 CVE-2025-6425: The WebCompat WebExtension shipped exposed a persistent UUID bmo1717672 CVE-2025-6426: No warning wh...

8.8CVSS6.7AI score0.03057EPSS
Exploits0References12
Amazon
Amazon
added 2025/07/10 12:0 a.m.4 views

Important: firefox

Issue Overview: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox or tag, potentially making a website vulnerable to a cross-site scripting attack. CVE-2025-6430 Affected Packages: firefox Issue Correction: Run dnf update firefox...

9.8CVSS5.8AI score0.03057EPSS
Exploits0
Mageia
Mageia
added 2025/07/02 10:16 p.m.10 views

Updated rootcerts, nss & firefox packages fix security vulnerabilities

CVE-2025-6424: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. CVE-2025-6425: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private...

9.8CVSS6.7AI score0.03057EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/02 2:59 p.m.4 views

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

4.3CVSS5.8AI score0.00249EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/02 8:27 a.m.6 views

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

4.3CVSS5.8AI score0.00249EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/02 8:12 a.m.5 views

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

4.3CVSS5.8AI score0.00249EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/02 6:13 a.m.5 views

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

4.3CVSS5.8AI score0.00249EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/02 5:46 a.m.6 views

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

4.3CVSS5.8AI score0.00249EPSS
Exploits0References5
Rows per page
Query Builder