Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4bddd0c7 by security tracker role at 2026-03-02T20:13:08+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,395 @@
+CVE-2026-3432 (On SimStudio version below to 0.5.74, the
`/api/auth/oauth/token` endp ...)
+ TODO: check
+CVE-2026-3431 (On SimStudio version below to 0.5.74, the MongoDB tool
endpoints accep ...)
+ TODO: check
+CVE-2026-3180 (The Contest Gallery \u2013 Upload & Vote Photos, Media, Sell
with PayP ...)
+ TODO: check
+CVE-2026-3132 (The Master Addons for Elementor Premium plugin for WordPress is
vulner ...)
+ TODO: check
+CVE-2026-2584 (A critical SQL Injection (SQLi) vulnerability has been
identified in t ...)
+ TODO: check
+CVE-2026-28412 (Textream is a free macOS teleprompter app. Prior to version
1.5.1, the ...)
+ TODO: check
+CVE-2026-28403 (Textream is a free macOS teleprompter app. Prior to version
1.5.1, the ...)
+ TODO: check
+CVE-2026-28401 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28399 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28398 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28397 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28396 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28361 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28360 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28359 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28358 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28357 (NocoDB is software for building databases as spreadsheets.
Prior to ve ...)
+ TODO: check
+CVE-2026-28286 (ZimaOS is a fork of CasaOS, an operating system for Zima
devices and x ...)
+ TODO: check
+CVE-2026-27631 (Exiv2 is a C++ library and a command-line utility to read,
write, dele ...)
+ TODO: check
+CVE-2026-27596 (Exiv2 is a C++ library and a command-line utility to read,
write, dele ...)
+ TODO: check
+CVE-2026-26720 (An issue in Twenty CRM v1.15.0 and before allows a remote
attacker to ...)
+ TODO: check
+CVE-2026-26713 (code-projects Simple Food Order System v1.0 is vulnerable to
SQL Injec ...)
+ TODO: check
+CVE-2026-26712 (code-projects Simple Food Order System v1.0 is vulnerable to
SQL Injec ...)
+ TODO: check
+CVE-2026-26711 (code-projects Simple Food Order System v1.0 is vulnerable to
SQL Injec ...)
+ TODO: check
+CVE-2026-26710 (code-projects Simple Food Order System v1.0 is vulnerable to
SQL Injec ...)
+ TODO: check
+CVE-2026-26709 (code-projects Simple Gym Management System v1.0 is vulnerable
to SQL I ...)
+ TODO: check
+CVE-2026-26708 (sourcecodester Pharmacy Point of Sale System v1.0 is
vulnerable to SQL ...)
+ TODO: check
+CVE-2026-26707 (sourcecodester Pharmacy Point of Sale System v1.0 is
vulnerable to SQL ...)
+ TODO: check
+CVE-2026-26706 (sourcecodester Pharmacy Point of Sale System v1.0 is
vulnerable to SQL ...)
+ TODO: check
+CVE-2026-26705 (sourcecodester Pharmacy Point of Sale System v1.0 is
vulnerable to SQL ...)
+ TODO: check
+CVE-2026-26704 (sourcecodester Pharmacy Point of Sale System v1.0 is
vulnerable to SQL ...)
+ TODO: check
+CVE-2026-26703 (sourcecodester Personnel Property Equipment System v1.0 is
vulnerable ...)
+ TODO: check
+CVE-2026-26702 (sourcecodester Personnel Property Equipment System v1.0 is
vulnerable ...)
+ TODO: check
+CVE-2026-26701 (sourcecodester Personnel Property Equipment System v1.0 is
vulnerable ...)
+ TODO: check
+CVE-2026-26700 (sourcecodester Personnel Property Equipment System v1.0 is
vulnerable ...)
+ TODO: check
+CVE-2026-26699 (sourcecodester Personnel Property Equipment System v1.0 is
vulnerable ...)
+ TODO: check
+CVE-2026-26698 (code-projects Simple Student Alumni System v1.0 is vulnerable
to SQL I ...)
+ TODO: check
+CVE-2026-26697 (code-projects Simple Student Alumni System v1.0 is vulnerable
to SQL I ...)
+ TODO: check
+CVE-2026-26696 (code-projects Simple Student Alumni System v1.0 is vulnerable
to SQL I ...)
+ TODO: check
+CVE-2026-26695 (code-projects Simple Student Alumni System v1.0 is vulnerable
to SQL I ...)
+ TODO: check
+CVE-2026-26694 (code-projects Simple Student Alumni System v1.0 is vulnerale
to SQL In ...)
+ TODO: check
+CVE-2026-25884 (Exiv2 is a C++ library and a command-line utility to read,
write, dele ...)
+ TODO: check
+CVE-2026-25477 (AFFiNE is an open-source, all-in-one workspace and an
operating system ...)
+ TODO: check
+CVE-2026-24115 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Failure to va ...)
+ TODO: check
+CVE-2026-24114 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Failure to va ...)
+ TODO: check
+CVE-2026-24113 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Attackers may ...)
+ TODO: check
+CVE-2026-24112 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Attackers may ...)
+ TODO: check
+CVE-2026-24111 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Attackers may ...)
+ TODO: check
+CVE-2026-24110 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Attackers may ...)
+ TODO: check
+CVE-2026-24109 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Attackers may ...)
+ TODO: check
+CVE-2026-24108 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Attackers may ...)
+ TODO: check
+CVE-2026-24107 (An issue was discovered in Tenda W20E V4.0br_V15.11.0.6.
Failure to va ...)
+ TODO: check
+CVE-2026-24105 (An issue was discovered in goform/formsetUsbUnload in Tenda
AC15V1.0 V ...)
+ TODO: check
+CVE-2026-24101 (An issue was discovered in goform/formSetIptv in Tenda
AC15V1.0 V15.03 ...)
+ TODO: check
+CVE-2026-23865 (An integer overflow in the tt_var_load_item_variation_store
function o ...)
+ TODO: check
+CVE-2026-23600 (A remote authentication bypass vulnerability exists in HPE
AutoPass ...)
+ TODO: check
+CVE-2026-21882 (theshit is a command-line utility that automatically detects
and fixes ...)
+ TODO: check
+CVE-2026-21853 (AFFiNE is an open-source, all-in-one workspace and an
operating system ...)
+ TODO: check
+CVE-2026-21385 (Memory corruption while using alignments for memory
allocation.)
+ TODO: check
+CVE-2026-20445 (In MDDP, there is a possible system crash due to a race
condition. Thi ...)
+ TODO: check
+CVE-2026-20444 (In display, there is a possible memory corruption due to a
missing bou ...)
+ TODO: check
+CVE-2026-20443 (In display, there is a possible memory corruption due to use
after fre ...)
+ TODO: check
+CVE-2026-20442 (In display, there is a possible system crash due to use after
free. Th ...)
+ TODO: check
+CVE-2026-20441 (In MAE, there is a possible out of bounds write due to a
missing bound ...)
+ TODO: check
+CVE-2026-20440 (In MAE, there is a possible out of bounds write due to a
missing bound ...)
+ TODO: check
+CVE-2026-20439 (In imgsys, there is a possible system crash due to use after
free. Thi ...)
+ TODO: check
+CVE-2026-20438 (In MAE, there is a possible out of bounds write due to a race
conditio ...)
+ TODO: check
+CVE-2026-20437 (In MAE, there is a possible system crash due to use after
free. This c ...)
+ TODO: check
+CVE-2026-20436 (In wlan STA driver, there is a possible escalation of
privilege due to ...)
+ TODO: check
+CVE-2026-20435 (In preloader, there is a possible read of device unique
identifiers du ...)
+ TODO: check
+CVE-2026-20434 (In Modem, there is a possible out of bounds write due to a
missing bou ...)
+ TODO: check
+CVE-2026-20430 (In wlan AP FW, there is a possible out of bounds write due to
an incor ...)
+ TODO: check
+CVE-2026-20429 (In display, there is a possible out of bounds read due to a
missing bo ...)
+ TODO: check
+CVE-2026-20428 (In display, there is a possible out of bounds write due to a
missing b ...)
+ TODO: check
+CVE-2026-20427 (In display, there is a possible escalation of privilege due to
a missi ...)
+ TODO: check
+CVE-2026-20426 (In display, there is a possible out of bounds write due to a
missing b ...)
+ TODO: check
+CVE-2026-20425 (In display, there is a possible out of bounds write due to a
missing b ...)
+ TODO: check
+CVE-2026-20424 (In display, there is a possible out of bounds read due to a
missing bo ...)
+ TODO: check
+CVE-2026-20423 (In wlan STA driver, there is a possible out of bounds write
due to a m ...)
+ TODO: check
+CVE-2026-20416 (In pcie, there is a possible out of bounds write due to a
missing boun ...)
+ TODO: check
+CVE-2026-1628 (Mattermost Desktop App versions <=5.13.3 fail to attach
listeners rest ...)
+ TODO: check
+CVE-2026-0995 (An issue has been identified in Arm C1-Pro before r1p2-50eac0,
where, ...)
+ TODO: check
+CVE-2026-0689 (In ExtremeCloud IQ \u2013 Site Engine (XIQ\u2011SE) before
26.2.10, a ...)
+ TODO: check
+CVE-2026-0655 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
+ TODO: check
+CVE-2026-0654 (Improper input handling in the administration web interface on
TP-Link ...)
+ TODO: check
+CVE-2026-0047 (In dumpBitmapsProto of ActivityManagerService.java, there is a
possibl ...)
+ TODO: check
+CVE-2026-0038 (In multiple functions of mem_protect.c, there is a possible way
to exe ...)
+ TODO: check
+CVE-2026-0037 (In multiple functions of ffa.c, there is a possible memory
corruption ...)
+ TODO: check
+CVE-2026-0035 (In createRequest of MediaProvider.java, there is a possible way
for an ...)
+ TODO: check
+CVE-2026-0034 (In setPackageOrComponentEnabled of ManagedServices.java, there
is a po ...)
+ TODO: check
+CVE-2026-0032 (In multiple functions of mem_protect.c, there is a possible
out-of-bou ...)
+ TODO: check
+CVE-2026-0031 (In multiple functions of mem_protect.c, there is a possible out
of bou ...)
+ TODO: check
+CVE-2026-0030 (In __host_check_page_state_range of mem_protect.c, there is a
possible ...)
+ TODO: check
+CVE-2026-0029 (In __pkvm_init_vm of pkvm.c, there is a possible memory
corruption due ...)
+ TODO: check
+CVE-2026-0028 (In __pkvm_host_share_guest of mem_protect.c, there is a
possible out o ...)
+ TODO: check
+CVE-2026-0027 (In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of
bounds ...)
+ TODO: check
+CVE-2026-0026 (In removePermission of PermissionManagerServiceImpl.java, there
is a p ...)
+ TODO: check
+CVE-2026-0025 (In hasImage of Notification.java, there is a possible way to
reveal in ...)
+ TODO: check
+CVE-2026-0024 (In isRedactionNeededForOpenViaContentResolver of
MediaProvider.java, t ...)
+ TODO: check
+CVE-2026-0023 (In createSessionInternal of PackageInstallerService.java, there
is a p ...)
+ TODO: check
+CVE-2026-0021 (In hasInteractAcrossUsersFullPermission of AppInfoBase.java,
there is ...)
+ TODO: check
+CVE-2026-0020 (In parsePermissionGroup of ParsedPermissionUtils.java, there is
a poss ...)
+ TODO: check
+CVE-2026-0017 (In onChange of BiometricService.java, there is a possible way
to enabl ...)
+ TODO: check
+CVE-2026-0015 (In multiple locations of AppOpsService.java, there is a
possible persi ...)
+ TODO: check
+CVE-2026-0014 (In isPackageNullOrSystem of AppOpsService.java, there is a
possible pe ...)
+ TODO: check
+CVE-2026-0013 (In setupLayout of PickActivity.java, there is a possible way to
start ...)
+ TODO: check
+CVE-2026-0012 (In setHideSensitive of ExpandableNotificationRow.java, there is
a poss ...)
+ TODO: check
+CVE-2026-0011 (In enableSystemPackageLPw of Settings.java, there is a possible
way to ...)
+ TODO: check
+CVE-2026-0010 (In onTransact of IDrmManagerService.cpp, there is a possible
out of bo ...)
+ TODO: check
+CVE-2026-0008 (In multiple locations, there is a possible privilege
escalation due t ...)
+ TODO: check
+CVE-2026-0007 (In writeToParcel of WindowInfo.cpp, there is a possible way to
trick a ...)
+ TODO: check
+CVE-2026-0006 (In multiple locations, there is a possible out of bounds read
and writ ...)
+ TODO: check
+CVE-2026-0005 (In onServiceDisconnected of KeyguardServiceDelegate.java, there
is a p ...)
+ TODO: check
+CVE-2025-70252 (An issue was discovered in /goform/WifiWpsStart in Tenda
AC6V2.0 V15.0 ...)
+ TODO: check
+CVE-2025-66880 (Cross Site Scripting vulnerability in Wethink Technology Inc
720yun pa ...)
+ TODO: check
+CVE-2025-65465 (A reflected Cross-Site Scripting (XSS) vulnerability in the
RaiseError ...)
+ TODO: check
+CVE-2025-64427 (ZimaOS is a fork of CasaOS, an operating system for Zima
devices and x ...)
+ TODO: check
+CVE-2025-59603 (Memory Corruption when processing invalid user address with
nonstandar ...)
+ TODO: check
+CVE-2025-59600 (Memory Corruption when adding user-supplied data without
checking avai ...)
+ TODO: check
+CVE-2025-58406 (The CGM CLININET application respond without essential
security HTTP h ...)
+ TODO: check
+CVE-2025-58405 (The CGM CLININET application does not implement any mechanisms
that pr ...)
+ TODO: check
+CVE-2025-58402 (The CGM CLININET application uses direct, sequential object
identifier ...)
+ TODO: check
+CVE-2025-58107 (In Microsoft Exchange through 2019, Exchange ActiveSync (EAS)
configur ...)
+ TODO: check
+CVE-2025-52998 (Chamilo is a learning management system. Prior to version
1.11.30, in ...)
+ TODO: check
+CVE-2025-52564 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-52563 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-52482 (Chamilo is a learning management system. Prior to version
1.11.30, a S ...)
+ TODO: check
+CVE-2025-52476 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-52475 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-52470 (Chamilo is a learning management system. Prior to version
1.11.30, a s ...)
+ TODO: check
+CVE-2025-52469 (Chamilo is a learning management system. Prior to version
1.11.30, a l ...)
+ TODO: check
+CVE-2025-52468 (Chamilo is a learning management system. Prior to version
1.11.30, an ...)
+ TODO: check
+CVE-2025-50199 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50198 (Chamilo is a learning management system. Prior to version
1.11.30, Cha ...)
+ TODO: check
+CVE-2025-50197 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50196 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50195 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50194 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50193 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50192 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50191 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50190 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50189 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50188 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
+ TODO: check
+CVE-2025-50187 (Chamilo is a learning management system. Prior to version
1.11.28, par ...)
+ TODO: check
+CVE-2025-50186 (Chamilo is a learning management system. Prior to version
1.11.30, a s ...)
+ TODO: check
+CVE-2025-48654 (In onStart of CompanionDeviceManagerService.java, there is a
possible ...)
+ TODO: check
+CVE-2025-48653 (In loadDataAndPostValue of multiple files, there is a possible
way to ...)
+ TODO: check
+CVE-2025-48650 (In multiple locations, there is a possible information
disclosure due ...)
+ TODO: check
+CVE-2025-48646 (In executeRequest of ActivityStarter.java, there is a possible
launch ...)
+ TODO: check
+CVE-2025-48645 (In loadDescription of DeviceAdminInfo.java, there is a
possible persis ...)
+ TODO: check
+CVE-2025-48644 (In multiple locations, there is a possible persistent denial
of servic ...)
+ TODO: check
+CVE-2025-48642 (In jump_to_payload of payload.rs, there is a possible
information disc ...)
+ TODO: check
+CVE-2025-48641 (In multiple functions of Nfc.h, there is a possible use after
free due ...)
+ TODO: check
+CVE-2025-48636 (In openFile of BugreportContentProvider.java, there is a
possible way ...)
+ TODO: check
+CVE-2025-48635 (In multiple functions of TaskFragmentOrganizerController.java,
there i ...)
+ TODO: check
+CVE-2025-48634 (In relayoutWindow of WindowManagerService.java, there is a
possible ta ...)
+ TODO: check
+CVE-2025-48630 (In drawLayersInternal of SkiaRenderEngine.cpp, there is a
possible way ...)
+ TODO: check
+CVE-2025-48619 (In multiple functions of ContentProvider.java, there is a
possible way ...)
+ TODO: check
+CVE-2025-48613 (In VBMeta, there is a possible way to modify and resign VBMeta
using a ...)
+ TODO: check
+CVE-2025-48609 (In multiple functions of MmsProvider.java, there is a possible
way to ...)
+ TODO: check
+CVE-2025-48605 (In multiple functions of KeyguardViewMediator.java, there is a
possibl ...)
+ TODO: check
+CVE-2025-48602 (In exitKeyguardAndFinishSurfaceBehindRemoteAnimation of
KeyguardViewMe ...)
+ TODO: check
+CVE-2025-48587 (In multiple functions of ProfilingService.java, there is a
possible pe ...)
+ TODO: check
+CVE-2025-48585 (In multiple functions of ProfilingService.java, there is a
possible pe ...)
+ TODO: check
+CVE-2025-48582 (In multiple locations, there is a possible way to delete media
without ...)
+ TODO: check
+CVE-2025-48579 (In multiple functions of MediaProvider.java, there is a
possible exter ...)
+ TODO: check
+CVE-2025-48578 (In multiple functions of MediaProvider.java, there is a
possible way t ...)
+ TODO: check
+CVE-2025-48577 (In multiple functions of KeyguardViewMediator.java, there is a
possibl ...)
+ TODO: check
+CVE-2025-48574 (In validateAddingWindowLw of DisplayPolicy.java, there is a
possible w ...)
+ TODO: check
+CVE-2025-48568 (In multiple locations, there is a possible lockscreen bypass
due to a ...)
+ TODO: check
+CVE-2025-48567 (In multiple locations, there is a possible bypass of a file
path filte ...)
+ TODO: check
+CVE-2025-47386 (Memory Corruption while invoking IOCTL calls when concurrent
access to ...)
+ TODO: check
+CVE-2025-47385 (Memory Corruption when accessing trusted execution environment
without ...)
+ TODO: check
+CVE-2025-47384 (Transient DOS when MAC configures config id greater than
supported max ...)
+ TODO: check
+CVE-2025-47383 (Weak configuration may lead to cryptographic issue when a
VoWiFi call ...)
+ TODO: check
+CVE-2025-47381 (Memory Corruption while processing IOCTL calls when concurrent
access ...)
+ TODO: check
+CVE-2025-47379 (Memory Corruption when concurrent access to shared buffer
occurs due t ...)
+ TODO: check
+CVE-2025-47378 (Cryptographic Issue when a shared VM reference allows HLOS to
boot loa ...)
+ TODO: check
+CVE-2025-47377 (Memory Corruption when accessing a buffer after it has been
freed whil ...)
+ TODO: check
+CVE-2025-47376 (Memory Corruption when concurrent access to shared buffer
occurs durin ...)
+ TODO: check
+CVE-2025-47375 (Memory corruption while handling different IOCTL calls from
the user-s ...)
+ TODO: check
+CVE-2025-47373 (Memory Corruption when accessing buffers with invalid length
during TA ...)
+ TODO: check
+CVE-2025-47371 (Transient DOS when an LTE RLC packet with invalid TB is
received by UE ...)
+ TODO: check
+CVE-2025-32313 (In UsageEvents of UsageEvents.java, there is a possible out of
bounds ...)
+ TODO: check
+CVE-2025-30062 (In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit"
functio ...)
+ TODO: check
+CVE-2025-30044 (In the endpoints
"/cgi-bin/CliniNET.prd/utils/usrlogstat_simple.pl", " ...)
+ TODO: check
+CVE-2025-30042 (The CGM CLININET system provides smart card authentication;
however, a ...)
+ TODO: check
+CVE-2025-30035 (The vulnerability enables an attacker to fully bypass
authentication i ...)
+ TODO: check
+CVE-2025-14532 (DobryCMS's upload file functionality allows an unauthenticated
remote ...)
+ TODO: check
+CVE-2025-12462 (A Blind SQL injection vulnerability has been identified in
DobryCMS. A ...)
+ TODO: check
+CVE-2025-10350 (SQL Injection vulnerability in "imageserver" module when
processing C- ...)
+ TODO: check
+CVE-2024-50337 (Chamilo is a learning management system. Prior to version
1.11.28, the ...)
+ TODO: check
+CVE-2024-47886 (Chamilo is a learning management system. Chamillo is affected
by a pos ...)
+ TODO: check
+CVE-2024-43766 (In multiple functions of btm_ble_sec.cc, there is a possible
unencrypt ...)
+ TODO: check
+CVE-2024-31328 (In broadcastIntentLockedTraced of BroadcastController.java,
there is a ...)
+ TODO: check
CVE-2026-3422 (U-Office Force developed by e-Excellence has a Insecure
Deserializatio ...)
NOT-FOR-US: U-Office Force
CVE-2026-3413 (A flaw has been found in itsourcecode University Management
System 1.0 ...)
@@ -1749,7 +2141,7 @@ CVE-2024-48928 (Piwigo is an open source photo gallery
application for the web.
CVE-2024-1524 (When the "Silent Just-In-Time Provisioning" feature is enabled
for a f ...)
NOT-FOR-US: WSO2
CVE-2026-2793 (Memory safety bugs present in Firefox ESR 115.32, Firefox ESR
140.7, T ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1757,7 +2149,7 @@ CVE-2026-2793 (Memory safety bugs present in Firefox ESR
115.32, Firefox ESR 140
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2793
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2793
CVE-2026-2792 (Memory safety bugs present in Firefox ESR 140.7, Thunderbird
ESR 140.7 ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1768,7 +2160,7 @@ CVE-2026-2807 (Memory safety bugs present in Firefox 147
and Thunderbird 147. So
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2807
CVE-2026-2791 (Mitigation bypass in the Networking: Cache component. This
vulnerabili ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1776,7 +2168,7 @@ CVE-2026-2791 (Mitigation bypass in the Networking: Cache
component. This vulner
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2791
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2791
CVE-2026-2790 (Same-origin policy bypass in the Networking: JAR component.
This vulne ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1787,7 +2179,7 @@ CVE-2026-2806 (Uninitialized memory in the Graphics: Text
component. This vulner
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2806
CVE-2026-2789 (Use-after-free in the Graphics: ImageLib component. This
vulnerability ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1795,7 +2187,7 @@ CVE-2026-2789 (Use-after-free in the Graphics: ImageLib
component. This vulnerab
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2789
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2789
CVE-2026-2788 (Incorrect boundary conditions in the Audio/Video: GMP
component. This ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1803,7 +2195,7 @@ CVE-2026-2788 (Incorrect boundary conditions in the
Audio/Video: GMP component.
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2788
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2788
CVE-2026-2787 (Use-after-free in the DOM: Window and Location component. This
vulnera ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1814,7 +2206,7 @@ CVE-2026-2805 (Invalid pointer in the DOM: Core & HTML
component. This vulnerabi
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2805
CVE-2026-2786 (Use-after-free in the JavaScript Engine component. This
vulnerability ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1825,7 +2217,7 @@ CVE-2026-2804 (Use-after-free in the JavaScript:
WebAssembly component. This vul
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2804
CVE-2026-2785 (Invalid pointer in the JavaScript Engine component. This
vulnerability ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1833,7 +2225,7 @@ CVE-2026-2785 (Invalid pointer in the JavaScript Engine
component. This vulnerab
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2785
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2785
CVE-2026-2784 (Mitigation bypass in the DOM: Security component. This
vulnerability a ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1847,7 +2239,7 @@ CVE-2026-2802 (Race condition in the JavaScript: GC
component. This vulnerabilit
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2802
CVE-2026-2783 (Information disclosure due to JIT miscompilation in the
JavaScript Eng ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1855,7 +2247,7 @@ CVE-2026-2783 (Information disclosure due to JIT
miscompilation in the JavaScrip
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2783
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2783
CVE-2026-2782 (Privilege escalation in the Netmonitor component. This
vulnerability a ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1866,7 +2258,7 @@ CVE-2026-2801 (Incorrect boundary conditions in the
JavaScript: WebAssembly comp
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2801
CVE-2026-2781 (Integer overflow in the Libraries component in NSS. This
vulnerability ...)
- {DSA-6152-1 DSA-6149-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6149-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1877,7 +2269,7 @@ CVE-2026-2781 (Integer overflow in the Libraries
component in NSS. This vulnerab
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=2009552 (private)
NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/245385e16fa6
CVE-2026-2780 (Privilege escalation in the Netmonitor component. This
vulnerability a ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1888,7 +2280,7 @@ CVE-2026-2800 (Spoofing issue in the WebAuthn component
in Firefox for Android.
- firefox <not-affected> (Only affects Firefox on Android)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2800
CVE-2026-2779 (Incorrect boundary conditions in the Networking: JAR component.
This v ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1896,7 +2288,7 @@ CVE-2026-2779 (Incorrect boundary conditions in the
Networking: JAR component. T
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2779
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2779
CVE-2026-2778 (Sandbox escape due to incorrect boundary conditions in the DOM:
Core & ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1904,7 +2296,7 @@ CVE-2026-2778 (Sandbox escape due to incorrect boundary
conditions in the DOM: C
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2778
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2778
CVE-2026-2777 (Privilege escalation in the Messaging System component. This
vulnerabi ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1912,7 +2304,7 @@ CVE-2026-2777 (Privilege escalation in the Messaging
System component. This vuln
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2777
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2777
CVE-2026-2776 (Sandbox escape due to incorrect boundary conditions in the
Telemetry c ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1920,7 +2312,7 @@ CVE-2026-2776 (Sandbox escape due to incorrect boundary
conditions in the Teleme
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2776
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2776
CVE-2026-2775 (Mitigation bypass in the DOM: HTML Parser component. This
vulnerabilit ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1928,7 +2320,7 @@ CVE-2026-2775 (Mitigation bypass in the DOM: HTML Parser
component. This vulnera
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2775
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2775
CVE-2026-2774 (Integer overflow in the Audio/Video component. This
vulnerability affe ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1936,7 +2328,7 @@ CVE-2026-2774 (Integer overflow in the Audio/Video
component. This vulnerability
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2774
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2774
CVE-2026-2773 (Incorrect boundary conditions in the Web Audio component. This
vulnera ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1944,7 +2336,7 @@ CVE-2026-2773 (Incorrect boundary conditions in the Web
Audio component. This vu
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2773
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2773
CVE-2026-2772 (Use-after-free in the Audio/Video: Playback component. This
vulnerabil ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1952,7 +2344,7 @@ CVE-2026-2772 (Use-after-free in the Audio/Video:
Playback component. This vulne
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2772
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2772
CVE-2026-2771 (Undefined behavior in the DOM: Core & HTML component. This
vulnerabili ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1960,7 +2352,7 @@ CVE-2026-2771 (Undefined behavior in the DOM: Core & HTML
component. This vulner
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2771
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2771
CVE-2026-2770 (Use-after-free in the DOM: Bindings (WebIDL) component. This
vulnerabi ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1971,7 +2363,7 @@ CVE-2026-2799 (Use-after-free in the DOM: Core & HTML
component. This vulnerabil
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2799
CVE-2026-2769 (Use-after-free in the Storage: IndexedDB component. This
vulnerability ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1982,7 +2374,7 @@ CVE-2026-2798 (Use-after-free in the DOM: Core & HTML
component. This vulnerabil
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2798
CVE-2026-2768 (Sandbox escape in the Storage: IndexedDB component. This
vulnerability ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1990,7 +2382,7 @@ CVE-2026-2768 (Sandbox escape in the Storage: IndexedDB
component. This vulnerab
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2768
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2768
CVE-2026-2767 (Use-after-free in the JavaScript: WebAssembly component. This
vulnerab ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -1998,7 +2390,7 @@ CVE-2026-2767 (Use-after-free in the JavaScript:
WebAssembly component. This vul
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2767
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2767
CVE-2026-2766 (Use-after-free in the JavaScript Engine: JIT component. This
vulnerabi ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -2006,7 +2398,7 @@ CVE-2026-2766 (Use-after-free in the JavaScript Engine:
JIT component. This vuln
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2766
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2766
CVE-2026-2765 (Use-after-free in the JavaScript Engine component. This
vulnerability ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -2020,7 +2412,7 @@ CVE-2026-2796 (JIT miscompilation in the JavaScript:
WebAssembly component. This
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2796
CVE-2026-2764 (JIT miscompilation, use-after-free in the JavaScript Engine:
JIT compo ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -2028,7 +2420,7 @@ CVE-2026-2764 (JIT miscompilation, use-after-free in the
JavaScript Engine: JIT
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2764
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2764
CVE-2026-2763 (Use-after-free in the JavaScript Engine component. This
vulnerability ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -2036,7 +2428,7 @@ CVE-2026-2763 (Use-after-free in the JavaScript Engine
component. This vulnerabi
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2763
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2763
CVE-2026-2762 (Integer overflow in the JavaScript: Standard Library component.
This v ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -2044,7 +2436,7 @@ CVE-2026-2762 (Integer overflow in the JavaScript:
Standard Library component. T
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2762
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2762
CVE-2026-2761 (Sandbox escape in the Graphics: WebRender component. This
vulnerabilit ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -2052,7 +2444,7 @@ CVE-2026-2761 (Sandbox escape in the Graphics: WebRender
component. This vulnera
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2761
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2761
CVE-2026-2760 (Sandbox escape due to incorrect boundary conditions in the
Graphics: W ...)
- {DSA-6148-1}
+ {DSA-6148-1 DLA-4496-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- tunderbird <unfixed>
@@ -2063,7 +2455,7 @@ CVE-2026-2795 (Use-after-free in the JavaScript: GC
component. This vulnerabilit
- firefox 148.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2795
CVE-2026-2759 (Incorrect boundary conditions in the Graphics: ImageLib
component. Thi ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -2071,7 +2463,7 @@ CVE-2026-2759 (Incorrect boundary conditions in the
Graphics: ImageLib component
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/#CVE-2026-2759
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-17/#CVE-2026-2759
CVE-2026-2758 (Use-after-free in the JavaScript: GC component. This
vulnerability aff ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
@@ -2082,7 +2474,7 @@ CVE-2026-2794 (Information disclosure due to
uninitialized memory in Firefox and
- firefox <not-affected> (Only affects Firefox on Android)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/#CVE-2026-2794
CVE-2026-2757 (Incorrect boundary conditions in the WebRTC: Audio/Video
component. Th ...)
- {DSA-6152-1 DSA-6148-1 DLA-4495-1}
+ {DSA-6152-1 DSA-6148-1 DLA-4496-1 DLA-4495-1}
- firefox 148.0-1
- firefox-esr 140.8.0esr-1
- thunderbird 1:140.8.0esr-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bddd0c799f0ed8b9dec75a4f1d747c345e9323e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bddd0c799f0ed8b9dec75a4f1d747c345e9323e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
