Lucene search
K

44 matches found

Tenable Nessus
Tenable Nessus
added 2022/03/14 12:0 a.m.57 views

Oracle Linux 8 : thunderbird (ELSA-2022-0845)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0845 advisory. 91.7.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.7.0-2 - Update to 91.7.0 build2 91.7.0-1 - Upda...

9.8CVSS7.9AI score0.34174EPSS
Exploits7References12
Tenable Nessus
Tenable Nessus
added 2022/03/12 12:0 a.m.44 views

Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:0824)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0824-1 advisory. - Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 - Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 - expat:...

9.8CVSS8.7AI score0.34174EPSS
Exploits7References11
ALT Linux
ALT Linux
added 2022/03/11 12:0 a.m.37 views

Security fix for the ALT Linux 10 package firefox-esr version 91.6.1-alt1

91.6.1-alt1 built March 11, 2022 Pavel Vasenkov in task 296362 March 7, 2022 Pavel Vasenkov - New ESR version. - Security fixes: + CVE-2022-26485 Use-after-free in XSLT parameter processing + CVE-2022-26486 Use-after-free in WebGPU IPC Framework...

8.9AI score0.14261EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/03/11 12:0 a.m.256 views

RHEL 8 : firefox (RHSA-2022:0816)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0816 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

9.8CVSS8.8AI score0.34174EPSS
Exploits7References23
OSV
OSV
added 2022/03/10 4:53 p.m.6 views

OPENSUSE-SU-2022:0804-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 91.6.2 bsc1196809: - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework...

9.6CVSS9.4AI score0.14261EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2022/03/10 3:29 p.m.9 views

Mozilla: Use-after-free in WebGPU IPC Framework

An unexpected message in the WebGPU IPC framework could lead to an exploitable sandbox escape and a use-after-free issue. An attacker with enough privileges could exploit this flaw leading to a complete system compromise...

9.6CVSS7.4AI score0.02349EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2022/03/10 3:18 p.m.57 views

Critical: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS7.6AI score0.34174EPSS
Exploits7References11
RedHat Linux
RedHat Linux
added 2022/03/10 3:9 p.m.93 views

Critical: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.6AI score0.34174EPSS
Exploits7References11
AlmaLinux
AlmaLinux
added 2022/03/10 2:36 p.m.83 views

Critical: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.7.0 ESR. Security Fixes: Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework...

9.8CVSS9.3AI score0.34174EPSS
Exploits7References10
Tenable Nessus
Tenable Nessus
added 2022/03/10 12:0 a.m.31 views

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0783-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0783-1 advisory. - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had...

9.6CVSS8AI score0.14261EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2022/03/10 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2022:0777-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS8.7AI score0.14261EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2022/03/09 12:0 a.m.40 views

Debian DLA-2939-1 : thunderbird - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2939 advisory. Two security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For Debian 9 stretch, these problems have been fixed in...

9.6CVSS8.3AI score0.14261EPSS
Exploits2References7
hivepro
hivepro
added 2022/03/08 11:40 a.m.39 views

Two actively exploited Zero-Day vulnerabilities discovered in Mozilla Firefox

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Two critical zero-day vulnerabilities have been identified in Mozilla Firefox that are being exploited in-the-wild and tracked as CVE-2022-26485 and CVE-2022-26485. Both are use-after-free bugs that exist in XSLT parameter...

2.1AI score0.14261EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/03/07 12:0 a.m.45 views

Mozilla Firefox < 97.0.2

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 97.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory. - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox...

9.6CVSS8AI score0.14261EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/03/07 12:0 a.m.30 views

Mozilla Firefox ESR < 91.6.1

The version of Firefox ESR installed on the remote Windows host is prior to 91.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory. - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. ...

9.6CVSS8AI score0.14261EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/03/07 12:0 a.m.45 views

Mozilla Thunderbird < 91.6.2

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.6.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory. - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbo...

9.6CVSS8AI score0.14261EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/03/07 12:0 a.m.43 views

Mozilla Firefox < 97.0.2

The version of Firefox installed on the remote Windows host is prior to 97.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-09 advisory. - An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We...

9.6CVSS8AI score0.14261EPSS
Exploits2References3
Ubuntu
Ubuntu
added 2022/03/06 9:11 p.m.119 views

USN-5314-1: Firefox vulnerabilities

A use-after-free was discovered when removing an XSLT parameter in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. CVE-2022-26485 A use-after-free was discovered in the...

9.6CVSS8.1AI score0.14261EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2022/03/06 12:0 a.m.44 views

CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

9.6CVSS7.1AI score0.02349EPSS
Exploits1References4
OSV
OSV
added 2022/03/06 12:0 a.m.4 views

UBUNTU-CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

9.6CVSS6.9AI score0.02349EPSS
Exploits1References5
Rows per page
Query Builder