Linux Distros Unpatched Vulnerability : CVE-2025-29948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting ...

CVE-2025-29948

Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...

MiracleLinux 4 : thunderbird-78.10.0-1.0.1.AXS4 (AXSA:2021-1718:08)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1718:08 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 8 : thunderbird-78.10.0-1.0.1.el8 (AXSA:2021-1726:09)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1726:09 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

CVE-2022-29948

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

Hikvision Video Recorders Command Injection (CVE-2024-29948)

There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

CVE-2024-29948

There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality...

ROS-2-1238

2.1238 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromis...

SUSE CVE-2021-29948

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird 78.10...

Lepin EP-KP001 KP001_V19 Authentication Bypass Vulnerability

When analyzing the USB flash drive Lepin EP-KP001, Matthias Deeg found out that it uses an insecure hardware design which allows an attacker to bypass the password-based user authentication. Product: EP-KP001 Manufacturer: Lepin Affected Versions: KP001V19 Tested Versions: KP001V19 Vulnerability...

CVE-2022-29948

creationtimestamp| type| source ---|---|--- 2022-06-10 20:34:46+00:00| seen| https://t.me/cibsecurity/44213...

CVE-2022-29948

CVE-2022-29948 affects Lepin EP-KP001 (KP001_V19) USB flash drive. The root cause is insecure hardware design allowing an attacker to bypass password authentication by replacing the device’s microcontroller with one controlled by the attacker, whose passcode is known. This enables unlocking the e...

Mageia: Security Advisory (MGASA-2021-0198)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4995-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-29948

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird 78.10...

CVE-2021-29948

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird 78.10...

CVE-2021-29948

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird 78.10...

CVE-2021-29948

Thunderbird prior to 78.10.0 is affected by CVE-2021-29948, where signatures are written to disk before verification and may be at risk of a race condition if a local attacker replaces the file. Impact includes potential signature forgery; remediation is to upgrade Thunderbird to 78.10.0 or newer...

openSUSE Security Update : MozillaThunderbird (openSUSE-2021-644)

This update for MozillaThunderbird fixes the following issues : - Firefox was updated to 78.10.0 ESR bsc1184960 - CVE-2021-23994: Out of bound write due to lazy initialization - CVE-2021-23995: Use-after-free in Responsive Design Mode - CVE-2021-23998: Secure Lock icon could have been spoofed -...

GLSA-202104-09 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202104-09 Mozilla Thunderbird: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CV...