Lucene search
+L

75 matches found

Mozilla
Mozilla
added 2020/07/16 12:0 a.m.57 views

Security Vulnerabilities fixed in Thunderbird 78 — Mozilla

When %2F was present in a manifest URL, Thunderbird's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. A VideoStreamEncoder may have been freed in a race...

9.3CVSS8.6AI score0.03034EPSS
Exploits3References14Affected Software1
OSV
OSV
added 2020/07/15 12:42 p.m.12 views

OPENSUSE-SU-2020:0967-1 Security update for MozillaThunderbird

This update for MozillaThunderbird to version 68.10.0 ESR fixes the following issues: - CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 bsc1173576. - CVE-2020-12418: Information disclosure due to manipulated URL object bsc1173576. - CVE-2020-12419:...

9.3CVSS7.6AI score0.03034EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2020/07/15 12:0 a.m.36 views

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20200714)

Security Fixes : - Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 CVE-2020-12417 - Mozilla: Information disclosure due to manipulated URL object CVE-2020-12418 - Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12419 - Mozilla: Use-After-Free when trying to...

9.3CVSS7.7AI score0.03034EPSS
Exploits2References6
OPENSUSE Linux
OPENSUSE Linux
added 2020/07/15 12:0 a.m.44 views

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:0967-1 Rating: important References: 1173576 Cross-References: CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 Affected Products: openSUSE Leap 15.1 An update that fixes 5...

9.3CVSS8.3AI score0.03034EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2020/07/14 11:37 a.m.60 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.3CVSS6.9AI score0.03034EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2020/07/14 11:37 a.m.4 views

Mozilla: Add-On updates did not respect the same certificate trust rules as software updates

The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...

6.5CVSS7.3AI score0.01843EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/14 11:16 a.m.52 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

9.3CVSS6.9AI score0.03034EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2020/07/14 12:0 a.m.34 views

RHEL 8 : thunderbird (RHSA-2020:2907)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2907 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Security Fixes: Mozilla:...

9.3CVSS7.9AI score0.03034EPSS
Exploits2References14
OSV
OSV
added 2020/07/13 1:7 p.m.8 views

SUSE-SU-2020:1900-1 Security update for MozillaThunderbird

This update for MozillaThunderbird to version 68.10.0 ESR fixes the following issues: - CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 bsc1173576. - CVE-2020-12418: Information disclosure due to manipulated URL object bsc1173576. - CVE-2020-12419:...

9.3CVSS7.6AI score0.03034EPSS
Exploits2References7
OSV
OSV
added 2020/07/13 1:6 p.m.6 views

SUSE-SU-2020:1899-1 Security update for MozillaFirefox

This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues: Security issues fixed: - CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing bsc1173576. - CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster bsc1173576. - CVE-2020-12417: Memor...

9.3CVSS8AI score0.03034EPSS
Exploits4References18
Tenable Nessus
Tenable Nessus
added 2020/07/10 12:0 a.m.40 views

CentOS 7 : firefox (RHSA-2020:2827)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2827 advisory. - Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially...

9.3CVSS7.8AI score0.03034EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2020/07/10 12:0 a.m.38 views

CentOS 6 : firefox (RHSA-2020:2824)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2824 advisory. - Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This...

9.3CVSS8AI score0.03034EPSS
Exploits1References5
NVD
NVD
added 2020/07/09 3:15 p.m.17 views

CVE-2020-12421

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR 68.10...

6.5CVSS0.01843EPSS
Exploits0References11
OSV
OSV
added 2020/07/09 3:15 p.m.1 views

DEBIAN-CVE-2020-12421

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR 68.10...

6.5CVSS7.2AI score0.01843EPSS
Exploits0References1
OSV
OSV
added 2020/07/09 3:15 p.m.10 views

CVE-2020-12421

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR 68.10...

6.5CVSS8AI score
Exploits0References11
Prion
Prion
added 2020/07/09 3:15 p.m.22 views

Code injection

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR 68.10...

4.3CVSS6.4AI score0.01843EPSS
Exploits0References11Affected Software4
Cvelist
Cvelist
added 2020/07/09 2:39 p.m.11 views

CVE-2020-12421

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR 68.10...

6.9AI score0.01843EPSS
Exploits0References11
CVE
CVE
added 2020/07/09 2:39 p.m.262 views

CVE-2020-12421

CVE-2020-12421 describes a flaw where add-on updates could reject certificate chains terminating in non-built-in roots, causing add-ons to appear out-of-date without user notification. Public advisories place affected products as Mozilla Firefox ESR (<68.10) and Firefox (<78) and Thunderbird (

6.5CVSS6.7AI score0.01843EPSS
Exploits0References11Affected Software3
Debian CVE
Debian CVE
added 2020/07/09 2:39 p.m.33 views

CVE-2020-12421

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR 68.10...

6.5CVSS7.9AI score0.01843EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/07/09 12:0 a.m.34 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Thunderbird vulnerabilities (USN-4421-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4421-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a...

9.3CVSS7.4AI score0.03034EPSS
Exploits3References11
Rows per page
Query Builder