CyberSecurityBoard
Sponsor Register Login

Firefox 135.0.1 Released with Fix for High-Severity Memory Safety Vulnerabilities

Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. This release underscores Mozilla’s ongoing efforts to mitigate browser vulnerabilities amid escalating cyber threats targeting web infrastructure. Mozilla also enhanced security for users with custom search engines, resolving crashes caused by oversized icon files during updates. These fixes, while less severe than the memory safety patches, highlight the browser’s iterative approach to balancing performance and security. She is covering various cyber security incidents happening in the Cyber Space. The Common Vulnerability Scoring System (CVSS v4.0) rated this flaw 6.1 (High) due to its network-based exploitation vector and potential for full system compromise. Administrators can further mitigate risks by restricting access to untrusted websites and employing network segmentation to limit lateral movement post-exploitation. Successful exploitation could lead to credential theft, malware deployment, or lateral movement within enterprise networks. Meanwhile, end-users must remain vigilant, ensuring automatic updates are enabled to receive critical fixes promptly.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 19 Feb 2025 10:40:16 +0000


Cyber News related to Firefox 135.0.1 Released with Fix for High-Severity Memory Safety Vulnerabilities

CVE-2022-48631 - In the Linux kernel, the following vulnerability has been resolved: ...
9 months ago
CVE-2018-0688 - Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, ...
6 years ago
CVE-2018-0689 - HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September ...
6 years ago
Teaching Digital Literacy and Online Safety - It is crucial for educators to prioritize teaching online safety to ensure that students are equipped with the necessary skills to protect themselves online. This article aims to explore the importance of teaching digital literacy and online safety, ...
1 year ago Securityzap.com
Role of Parents in Teaching Online Safety - In today's digital landscape, where children are increasingly exposed to the vast world of the internet, the role of parents in teaching online safety has become paramount. Parents should have regular conversations with their kids about the ...
1 year ago Securityzap.com
Multiple QNAP Severity Flaw Let Attackers Execute Remote Code - QNAP has released multiple security advisories for addressing several high, medium, and low-severity vulnerabilities in multiple products, including QTS, QuTS hero, Netatalk, Video Station, QuMagie, and QcalAgent. QNAP has also stated all the ...
1 year ago Gbhackers.com
Online safety laws: What's in store for children's digital playgrounds? - As children's safety and privacy online becomes a matter of increasing urgency, lawmakers around the world push ahead on new regulations in the digital realm. Tomorrow is Safer Internet Day, an annual awareness campaign that started in Europe in 2004 ...
2 years ago Welivesecurity.com
Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape - Mozilla on Tuesday announced security updates for both Firefox and Thunderbird, to address 21 vulnerabilities, including several memory safety issues. Firefox 121 was released with patches for 18 vulnerabilities, five of which have a 'high' severity ...
1 year ago Securityweek.com
CVE-2022-30315 - Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0053, there is a Honeywell Experion PKS Safety Manager insufficient logic security controls issue. The ...
1 year ago
Safeguarding Children and Vulnerable Groups Online Strategies for Enhancing Online Safety in Digital Communities - As the younger generations get more involved with these online communities, they can also be targets for cyberbullies, hackers, scammers, online predators, and much worse. As the internet landscape continues to evolve, online forums and group chat ...
1 year ago Cyberdefensemagazine.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
1 year ago Securityzap.com
CISA Report Finds Most Open-Source Projects Contain Memory-Unsafe Code - More than half of open-source projects contain code written in a memory-unsafe language, a report from the U.S.'s Cybersecurity and Infrastructure Security Agency has found. Memory-unsafe means the code allows for operations that can corrupt memory, ...
7 months ago Techrepublic.com
Warren PD Launches Mark43 Records Management System - Mark43, a leading cloud-native public safety software company that took home Top Awards for Best Disaster Preparedness and Disaster Recovery Solution in the 2023 'ASTORS' Homeland Security Awards Program, is pleased to announce the official ...
1 year ago Americansecuritytoday.com
CVE-2020-5252 - The command-line "safety" package for Python has a potential security issue. There are two Python characteristics that allow malicious code to “poison-pill” command-line Safety package detection routines by disguising, or obfuscating, ...
4 years ago
Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs - Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution ...
11 months ago Bleepingcomputer.com
Is TikTok Safe for Kids? - As the TikTok craze continues to spread worldwide, many parents wonder about the safety implications of the app their kids can't get enough of, particularly if their kids are on the younger side. TikTok features mature user content that may require ...
1 year ago Pandasecurity.com
Zoom stomps critical privilege escalation bug, 6 other flaws The Register - Review and manage your consent Here's an overview of our use of cookies, similar technologies and how to manage them. Video conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a ...
1 year ago Go.theregister.com
Power of Flexible Tech: Applying Conference Room Tech to Front Lines - We work with public safety, government, defense, security, and enterprise organizations to help them use unmanned systems, from drones to ground robotics, to enhance their situational awareness and streamline operations. The level of insight these ...
1 year ago Americansecuritytoday.com
CISA's Flags Memory-Unsafe Code in Major Open Source Projects - A comprehensive new study has unearthed fresh details on the extensive and troubling use of memory-unsafe code in major open source software projects. The chances that fresh insight on a long known issue will spur any immediate changes to the ...
7 months ago Darkreading.com
Zoom Mobile & Desktop App Flaw Let Attackers Escalate Privileges - The popular video conferencing software Zoom has security issues with its desktop and mobile apps that could allow for privilege escalation. An attacker may be able to obtain elevated privileges within the application or the operating system by ...
1 year ago Cybersecuritynews.com
SAP Patches Critical Vulnerability in Business Technology Platform - German enterprise software maker SAP on Tuesday announced the release of 15 new and two updated security notes as part of its December 2023 Security Patch Day. Four of the December 2023 security notes have a severity rating of 'hot news', the highest ...
1 year ago Securityweek.com
Splunk Patches High-Severity Vulnerabilities in Enterprise Product - Splunk on Monday announced patches for 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including six high-severity bugs. Three of the high-severity issues are remote code execution flaws that require authentication for successful ...
7 months ago Securityweek.com
Splunk Patches High-Severity Vulnerabilities in Enterprise Product - Splunk on Monday announced patches for 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including six high-severity bugs. Three of the high-severity issues are remote code execution flaws that require authentication for successful ...
7 months ago Packetstormsecurity.com
Five Eyes Agencies Publish Guidance on Eliminating Memory Safety Bugs - Government agencies in the US, UK, Canada, Australia, and New Zealand have published guidance for software makers to eliminate memory safety vulnerabilities. The document, named Case for Memory Safe Roadmaps, recommends the adoption of memory safe ...
1 year ago Securityweek.com
ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability - Siemens and Schneider Electric have published their Patch Tuesday advisories for December 2023, addressing dozens of vulnerabilities affecting their products. Siemens has published 12 advisories that cover more than 30 vulnerabilities. The industrial ...
1 year ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)