Aggregator

A vulnerability classified as problematic has been found in Mozilla Thunderbird up to 140. This affects an unknown part of the component IP Address Change Handler. The manipulation leads to reliance on reverse dns resolution. This vulnerability is uniquely identified as CVE-2025-8036. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 140. It has been classified as problematic. Affected is an unknown function of the component Javascript Engine. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-8033. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 140. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Javascript Engine. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-8033. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

英国高等法院法官裁决，惠普在 2011 年收购英国软件公司 Autonomy 时被诱骗支付了过高的收购价，判决公司创始人 Mike Lynch 的遗产及其商业伙伴欠惠普 9.44 亿美元。Mike Lynch 曾被誉为是英国的比尔盖茨，他在去年的游艇事故中去世。惠普在 2011 年以 110 亿美元收购了 Autonomy，第二年就减记 88 亿美元，惠普随后指控 Autonomy 存在严重会计违规操作行为。公司创始人 Mike Lynch 以及财务副总裁 Steve Chamberlain 都受到欺诈指控。然而悲剧的是，去年 8 月短短三天内两位被告先后死亡。Chamberlain 在位于剑桥郡 Stretham 的家附近跑步时被汽车撞死。Lynch 的超级游艇贝叶斯号(Bayesian)随后因风暴在西西里海岸沉没，有 6 人死亡，其中包括 Lynch 本人及其 18 岁女儿 Hanna，他的妻子 Angela Bacares 获救。这次旅行是为了庆祝他无罪释放。Lynch 的遗产估计价值 6.74 亿美元，如果支付其欠款份额那么它可能会破产。

A vulnerability has been found in Mozilla Firefox up to 140 and classified as problematic. This vulnerability affects unknown code of the component CSP Report Handler. The manipulation leads to information exposure through debug log file. This vulnerability was named CVE-2025-8031. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 140 and classified as problematic. This issue affects some unknown processing of the component CSP Report Handler. The manipulation leads to information exposure through debug log file. The identification of this vulnerability is CVE-2025-8031. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 140. Affected by this issue is some unknown functionality of the component Copy as cURL Handler. The manipulation leads to code injection. This vulnerability is handled as CVE-2025-8030. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Thunderbird up to 140. This affects an unknown part of the component Copy as cURL Handler. The manipulation leads to code injection. This vulnerability is uniquely identified as CVE-2025-8030. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mozilla Firefox up to 140. Affected is an unknown function of the component javascript URL Handler. The manipulation leads to code injection. This vulnerability is traded as CVE-2025-8029. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Thunderbird up to 140. Affected by this vulnerability is an unknown functionality of the component javascript URL Handler. The manipulation leads to code injection. This vulnerability is known as CVE-2025-8029. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

即便是稳定运行了数十年的核心协议，在引入新功能时也可能暴露出致命的、意想不到的攻击面

A vulnerability was found in Mozilla Thunderbird up to 140 on ARM64. It has been rated as critical. This issue affects the function br_table of the component WASM. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2025-8028. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 140 on ARM64. It has been declared as critical. This vulnerability affects the function br_table of the component WASM. The manipulation leads to memory corruption. This vulnerability was named CVE-2025-8028. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 140 on 64-bit and classified as critical. Affected by this issue is some unknown functionality of the component IonMonkey-JIT. The manipulation leads to unchecked return value. This vulnerability is handled as CVE-2025-8027. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 140 on 64-bit. It has been classified as critical. This affects an unknown part of the component IonMonkey-JIT. The manipulation leads to unchecked return value. This vulnerability is uniquely identified as CVE-2025-8027. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in ViewVC up to 1.1.30/1.2.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file standalone.py. The manipulation leads to path traversal. This vulnerability is known as CVE-2025-54141. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in OISF suricata up to 7.0.10/8.0.0-rc1. Affected is an unknown function of the component HTTP2 Handler. The manipulation leads to allocation of resources. This vulnerability is traded as CVE-2025-53538. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2025-54453. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Schneider Electricが提供する複数の製品には、複数の脆弱性が存在します。

Schneider Electricが提供する複数の製品には、複数の脆弱性が存在します。