CyberSecurityBoard
Sponsor Register Login

Mozilla Patches High Severity Vulnerabilities in Firefox and Thunderbird

Mozilla has released critical security updates addressing high severity vulnerabilities in Firefox and Thunderbird. These patches fix multiple CVEs that could allow remote code execution and privilege escalation. Users are urged to update immediately to protect against active exploitation. Stay informed on the latest Mozilla security patches and vulnerability management.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 21 Aug 2025 13:50:17 +0000


Cyber News related to Mozilla Patches High Severity Vulnerabilities in Firefox and Thunderbird

Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape - Mozilla on Tuesday announced security updates for both Firefox and Thunderbird, to address 21 vulnerabilities, including several memory safety issues. Firefox 121 was released with patches for 18 vulnerabilities, five of which have a 'high' severity ...
1 year ago Securityweek.com CVE-2023-6856 CVE-2023-6135 CVE-2023-6865 CVE-2023-6873 CVE-2023-6864
Firefox 137 Released With Fix for Multiple High Severity Vulnerabilities - This critical security update, announced on April 1, 2025, fixes several memory safety bugs and use-after-free vulnerabilities that posed significant risks to users of previous versions. The fixes in Firefox 137 and Thunderbird 137 included hardening ...
4 months ago Cybersecuritynews.com
Mozilla warns users to update Firefox before certificate expires - Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company's root certificates. "On 14 March a root certificate (the ...
5 months ago Bleepingcomputer.com
Multiple QNAP Severity Flaw Let Attackers Execute Remote Code - QNAP has released multiple security advisories for addressing several high, medium, and low-severity vulnerabilities in multiple products, including QTS, QuTS hero, Netatalk, Video Station, QuMagie, and QcalAgent. QNAP has also stated all the ...
1 year ago Gbhackers.com CVE-2023-39294 CVE-2023-39296 CVE-2023-47219 CVE-2023-47559 CVE-2023-47560 CVE-2023-41287 CVE-2023-41288 CVE-2022-43634 CVE-2023-41289
CVE-2006-1733 - Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute ...
6 years ago
Protecting User Privacy by Removing Personal Data from Data Broker Sites - As part of its new subscription service model, Mozilla Firefox is offering its users the possibility of finding and removing their personal and sensitive information from data brokers across the internet. To eliminate their phone numbers, e-mail, ...
1 year ago Cysecurity.news
CVE-2006-1732 - Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) ...
6 years ago
Mozilla Patches High Severity Vulnerabilities in Firefox and Thunderbird - Mozilla has released critical security updates addressing high severity vulnerabilities in Firefox and Thunderbird. These patches fix multiple CVEs that could allow remote code execution and privilege escalation. Users are urged to update immediately ...
5 days ago Cybersecuritynews.com CVE-2024-12345 CVE-2024-12346 CVE-2024-12347 Mozilla
Splunk Patches High-Severity Vulnerabilities in Enterprise Product - Splunk on Monday announced patches for 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including six high-severity bugs. Three of the high-severity issues are remote code execution flaws that require authentication for successful ...
1 year ago Securityweek.com CVE-2024-36985 CVE-2024-36984
Splunk Patches High-Severity Vulnerabilities in Enterprise Product - Splunk on Monday announced patches for 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including six high-severity bugs. Three of the high-severity issues are remote code execution flaws that require authentication for successful ...
1 year ago Packetstormsecurity.com CVE-2024-36985 CVE-2024-36984
GitLab Patches: Severe SAML Authentication Bypass Flaw Fixed - Security Boulevard - In addition to these patches, OmniAuth SAML has been upgraded to version 2.2.1 and Ruby-SAML to 1.17.0. It’s worth mentioning that the issue only impacts self-managed instances; therefore, users of GitLab Dedicated instances do not need to take any ...
10 months ago Securityboulevard.com CVE-2024-45409
QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products - Taiwan-based QNAP Systems on Friday announced patches for a dozen vulnerabilities across its product portfolio, including high-severity flaws in its operating system. The bug affects QTS versions 5.1.x and QuTS hero versions h5.1.x and was resolved ...
1 year ago Securityweek.com CVE-2022-43634 CVE-2023-47559 CVE-2023-47560
Mozilla Urging Users to Update Firefox, Else Add-ons Will Stop Working - The company stated in its support documentation that “not updating Firefox before the root certificate expires can expose you to significant security threats. iOS users are not impacted due to Firefox on Apple’s mobile platform utilizing ...
5 months ago Cybersecuritynews.com
New ISC Security Patches Released for 2021: What You Need to Know - The Internet Systems Consortium (ISC), the largest provider of open-source Internet infrastructure software, has released new security patches designed to mitigate data breaches and other cyber threats. These new security patches, released in January ...
2 years ago Thehackernews.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
CVE-2025-8034 - Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with ...
1 month ago CVE-2025-8040
CVE-2025-9185 - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with ...
6 days ago
SAP's April 2024 Updates Patch High-Severity Vulnerabilities - Enterprise software maker SAP on Tuesday announced the release of 10 new and two updated security notes, including three notes that address high-severity vulnerabilities. Of SAP's April 2024 security notes, the most severe addresses a security ...
1 year ago Securityweek.com
Firefox 138 Released With Fix for Multiple High-severity Vulnerabilities - “By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation,” Mozilla ...
3 months ago Cybersecuritynews.com CVE-2025-4083
SAP Patches Critical Vulnerability in Business Technology Platform - German enterprise software maker SAP on Tuesday announced the release of 15 new and two updated security notes as part of its December 2023 Security Patch Day. Four of the December 2023 security notes have a severity rating of 'hot news', the highest ...
1 year ago Securityweek.com CVE-2023-49583
Oracle Security Update - Patch for 378 Vulnerabilities Including Remote Exploits - “Oracle strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay,” the company stated in its advisory. Oracle Database Server versions 19.3-19.26, 21.3-21.17, ...
4 months ago Cybersecuritynews.com
Zoom stomps critical privilege escalation bug, 6 other flaws The Register - Review and manage your consent Here's an overview of our use of cookies, similar technologies and how to manage them. Video conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a ...
1 year ago Go.theregister.com CVE-2024-24691 CVE-2024-24690 CVE-2024-24695 CVE-2024-24696 CVE-2024-24697 CVE-2024-24698 CVE-2024-24699
DrayTek Routers at Risk From 14 New Vulnerabilities - The advice comes amid signs of growing threat actor activity — including by nation-state actors — targeting vulnerabilities in routers and other network devices from DrayTek and a variety of other vendors, including Fortinet, F5, QNAP, Ivanti, ...
10 months ago Darkreading.com CVE-2024-41592 CVE-2024-41585 CVE-2021-20123 CVE-2021-20124
ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet Vulnerabilities - Siemens and Schneider Electric have published their March 2024 Patch Tuesday security advisories, which cover more than 200 vulnerabilities affecting their products. Siemens has published 11 new advisories describing a total of 214 vulnerabilities. A ...
1 year ago Securityweek.com CVE-2024-21762 CVE-2023-27997 CVE-2022-41328
ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability - Siemens and Schneider Electric have published their Patch Tuesday advisories for December 2023, addressing dozens of vulnerabilities affecting their products. Siemens has published 12 advisories that cover more than 30 vulnerabilities. The industrial ...
1 year ago Securityweek.com CVE-2022-42784 CVE-2022-0543

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)