VDB
GCVE-110-MAGEIA-2025-247
GCVE-110-MAGEIA-2025-247
Advisory Published
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance()
CVE-2025-11709: Out of bounds read/write in a privileged process
triggered by WebGL textures
CVE-2025-11710: Cross-process information leaked due to malicious IPC
messages
CVE-2025-11711: Some non-writable Object properties could be modified
CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior
on web resources without a content-type
CVE-2025-11713: Potential user-assisted code execution in “Copy as cURL”
command
CVE-2025-11714: Memory safety bugs fixed in Firefox ESR 115.29, Firefox
ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
CVE-2025-11715: Memory safety bugs fixed in Firefox ESR 140.4,
Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144, and other
security fixes; please see the links.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | thunderbird | 0 (affected), 140.4.0-1.2.mga9 (unaffected) | — |
| Mageia | thunderbird-l10n | 0 (affected), 140.4.0-1.mga9 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.