
145 matches found

OSV
added 2025/07/29 1:40 p.m. | 2 views

RLSA-2025:7435 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface (UI) Misrepresentation of attachment URL (CVE-2025-3523); thunderbird: Information Disclosure of /tmp directory listing (CVE-2025-2830); thunderbird: Leak of hashed Window credentials via crafted...

CVSS 7.4 | AI score 7 | EPSS 0.00106
Exploits 0 | References 4
RedHat Linux
added 2025/05/07 12:59 p.m. | 6 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

CVSS 6.4 | AI score 6.9 | EPSS 0.00106
Exploits 0 | References 4
RedHat Linux
added 2025/05/07 8:33 a.m. | 12 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 6.4 | AI score 6.9 | EPSS 0.00106
Exploits 0 | References 4
Tenable Nessus
added 2025/05/07 12:00 a.m. | 4 views

RHEL 8 : thunderbird (RHSA-2025:4649)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4649 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface (UI) Misrepresentation of attachmen...

CVSS 6.4 | AI score 7 | EPSS 0.00106
Exploits 0 | References 8
RedHat Linux
added 2025/05/06 7:51 a.m. | 8 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 6.4 | AI score 6.9 | EPSS 0.00106
Exploits 0 | References 4
RedHat Linux
added 2025/05/06 7:45 a.m. | 6 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 6.4 | AI score 6.9 | EPSS 0.00106
Exploits 0 | References 4
OpenVAS
added 2025/04/28 12:00 a.m. | 11 views

openSUSE Security Advisory (SUSE-SU-2025:1366-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.4 | AI score 6.9 | EPSS 0.00106
Exploits 0 | References 4
OSV
added 2025/04/28 12:00 a.m. | 10 views

ALSA-2025:4229 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface (UI) Misrepresentation of attachment URL (CVE-2025-3523); thunderbird: Information Disclosure of /tmp directory listing (CVE-2025-2830); thunderbird: Leak of hashed Window credentials via crafted...

CVSS 6.4 | AI score 6.3 | EPSS 0.00106
Exploits 0 | References 8
OPENSUSE Linux
added 2025/04/17 12:00 a.m. | 4 views

MozillaThunderbird-128.9.2-1.1 on GA media (moderate)

MozillaThunderbird-128.9.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:15000-1 Rating: moderate Cross-References: CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 CVSS scores: CVE-2025-2830 SUSE : 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2025-2830 SUSE : 4.6...

CVSS 7.4 | AI score 7.4 | EPSS 0.00106
Exploits 0
OpenVAS
added 2025/04/16 12:00 a.m. | 10 views

Slackware: Security Advisory (SSA:2025-105-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.4 | AI score 6.6 | EPSS 0.00106
Exploits 0 | References 7
Circl
added 2025/04/15 7:57 p.m. | 0 views

CVE-2025-3522

creationtimestamp | type | source
---|---|---
2025-04-15 19:57:14+00:00 | seen | https://t.me/cvedetector/22972...

CVSS 6.3 | AI score 6.4 | EPSS 0.001
Exploits 0 | References 1
AlpineLinux
added 2025/04/15 3:16 p.m. | 1 view

CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

CVSS 6.3 | AI score 7.1 | EPSS 0.001
Exploits 0 | References 3
NVD
added 2025/04/15 3:16 p.m. | 10 views

CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

CVSS 6.3 | EPSS 0.001
Exploits 0 | References 3
OSV
added 2025/04/15 3:16 p.m. | 0 views

UBUNTU-CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

CVSS 6.3 | AI score 6.7 | EPSS 0.001
Exploits 0 | References 7
Debian CVE
added 2025/04/15 3:06 p.m. | 7 views

CVE-2025-3522

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

CVSS 6.3 | AI score 6.5 | EPSS 0.001
Exploits 0
Cvelist
added 2025/04/15 3:06 p.m. | 13 views

CVE-2025-3522 Leak of hashed Window credentials via crafted attachment URL

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validate...

EPSS 0.001
Exploits 0 | References 3
CVE
added 2025/04/15 3:06 p.m. | 111 views

CVE-2025-3522

Summary of CVE-2025-3522 (Thunderbird) : Thunderbird improperly processes the X-Mozilla-External-Attachment-URL header used for external attachments. When opening an email, Thunderbird fetches the URL to determine file size and may navigate to it when attaching is clicked. The URL is not validate...

CVSS 6.3 | AI score 6.7 | EPSS 0.001
Exploits 0 | References 3 | Affected Software 1
Circl
added 2025/02/25 8:23 p.m. | 2 views

GHSA-F7JP-P6J4-3522

creationtimestamp | type | source
---|---|---
2025-02-25 20:23:04+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/5375...

AI score 4.8
Exploits 0 | References 1
Cvelist
added 2024/04/09 11:00 p.m. | 15 views

CVE-2024-3522 Campcodes Online Event Management System process.php sql injection

A vulnerability classified as critical has been found in Campcodes Online Event Management System 1.0. This affects an unknown part of the file /api/process.php. The manipulation of the argument userId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS 6.5 | AI score 7.1 | EPSS 0.00126
Exploits 1 | References 4
CVE
added 2024/04/09 11:00 p.m. | 81 views

CVE-2024-3522

Campcodes Online Event Management System 1.0 is affected by a SQL injection in /api/process.php via the userId parameter. Root cause: improper handling of user-supplied input leads to injection. Impact is described as high for confidentiality, integrity, and availability, with remote exploitation...

CVSS 8.8 | AI score 6.8 | EPSS 0.00126
Exploits 1 | References 4 | Affected Software 1