Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

Read Time:36 Second

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.

Mozilla Firefox is a web browser used to access the Internet.Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.

Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

USN-7433-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick did not properly limit image dimensions, which could lead to excessive memory consumption. An attacker...

April 14, 2025

openiked-7.4-2.fc42

FEDORA-2025-f55f140c15 Packages in this update: openiked-7.4-2.fc42 Update description: Updated to new release 7.4 Read More

April 13, 2025

83 vulnerabilities in Vasion Print / PrinterLogic

Posted by Pierre Kim on Apr 13 No message preview for long message of 656780 bytes. Read More

April 13, 2025

[CVE-2025-32102, CVE-2025-32103] SSRF and Directory Traversal in CrushFTP 10.7.1 and 11.1.0 (as well as legacy 9.x)

Posted by Rafael Pedrero on Apr 13 <!-- # Exploit Title: Server-Side Request Forgery (SSRF) in CrushFTP 10.7.1 and 11.1.0...

April 13, 2025

Re: APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

Posted by Nick Boyce on Apr 13 [Complete Apple product novice here (my devices all run a non-Apple OS), but...

April 13, 2025

[KIS-2025-01] UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection Vulnerability

Posted by Egidio Romano on Apr 13 ------------------------------------------------------------------------------------ UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection Vulnerability ------------------------------------------------------------------------------------ [-] Software...

April 13, 2025

NVD Revamps Operations as Vulnerability Reporting Surges

Friday Squid Blogging: Squid and Efficient Solar Tech

Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today

AI Vulnerability Finding

Ransomware reaches a record high, but payouts are dwindling

Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

Reimagining Democracy

China-based SMS Phishing Triad Pivots to Banks

Google Cloud: China Achieves “Cyber Superpower” Status

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

USN-7433-1: GraphicsMagick vulnerabilities

openiked-7.4-2.fc42

83 vulnerabilities in Vasion Print / PrinterLogic

[CVE-2025-32102, CVE-2025-32103] SSRF and Directory Traversal in CrushFTP 10.7.1 and 11.1.0 (as well as legacy 9.x)

Re: APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

[KIS-2025-01] UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection Vulnerability