MiracleLinux 9 : thunderbird-102.6.0-2.el9.ML.1 (AXSA:2023-5063:07)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5063:07 advisory. Mozilla: Arbitrary file read from a compromised content process CVE-2022-46872 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbir...

Linux Distros Unpatched Vulnerability : CVE-2022-46874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could...

CVE-2025-46874

creationtimestamp| type| source ---|---|--- 2025-06-10 22:32:40+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18013...

CVE-2024-46874

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud...

CVE-2024-46874

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud...

CVE-2024-46874

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud...

CVE-2024-46874 Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud...

CVE-2024-46874

CVE-2024-46874 affects Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x. The root causes include a weak MQTT credential mechanism and features that allow an authenticated MQTT client (with device credentials) to publish to topics, view/exfiltrate data, invalidate sessions, and iss...

CVE-2024-46874

creationtimestamp| type| source ---|---|--- 2024-12-03 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01 2024-12-06 18:26:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113607286230169597 2024-12-06 20:38:59+00:00| seen| https://t.me/cvedetector/122...

Amazon Linux 2 : firefox (ALASFIREFOX-2023-008)

The version of firefox installed on the remote host is prior to 102.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-008 advisory. The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process cou...

GLSA-202305-06 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-06 Mozilla Firefox: Multiple Vulnerabilities - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox This bug only affects Thunderbird for Linux...

SUSE CVE-2022-46874

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...

Rocky Linux 8 : firefox (RLSA-2022:9067)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:9067 advisory. - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox This bug only affects...

Ubuntu: Security Advisory (USN-5782-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5782-3: Firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

USN-5782-2 firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

Mageia: Security Advisory (MGASA-2022-0484)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0484 Updated thunderbird packages fix security vulnerability

Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...

Updated thunderbird packages fix security vulnerability

Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...

SUSE: Security Advisory (SUSE-SU-2022:4636-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...