Lucene search
+L

21 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.6 views

SUSE CVE-2020-15685

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...

6.1CVSS9.1AI score0.00848EPSS
Exploits1References7
Circl
Circl
added 2022/12/22 10:20 p.m.7 views

CVE-2020-15685

creationtimestamp| type| source ---|---|--- 2022-12-22 22:20:15+00:00| seen| https://t.me/cibsecurity/55147...

8.8CVSS8AI score0.00848EPSS
Exploits1References1
OSV
OSV
added 2022/12/22 8:15 p.m.8 views

CVE-2020-15685

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...

8.8CVSS8.5AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/22 12:0 a.m.4 views

CVE-2020-15685

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...

8.6AI score0.00848EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/12/22 12:0 a.m.25 views

CVE-2020-15685

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...

8.5AI score0.00848EPSS
Exploits1References2
CVE
CVE
added 2022/12/22 12:0 a.m.123 views

CVE-2020-15685

CVE-2020-15685 affects Thunderbird prior to 78.7. During the plaintext phase of STARTTLS, protocol commands could be injected and evaluated within the encrypted session. Affected product: Thunderbird (before 78.7). Root cause: insufficient validation during STARTTLS plaintext phase. Impact: poten...

8.8CVSS8.4AI score0.00848EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2022/12/22 12:0 a.m.30 views

CVE-2020-15685

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...

8.8CVSS8.9AI score0.00848EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2022/12/22 12:0 a.m.51 views

CVE-2020-15685

During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...

8.8CVSS8.7AI score0.00848EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.25 views

openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2021:0209-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.4AI score0.01556EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.27 views

openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2021:0208-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.4AI score0.01556EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/02/17 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-4736-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.01556EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.33 views

Ubuntu 20.10 : Thunderbird vulnerabilities (USN-4736-1)

The remote Ubuntu 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4736-1 advisory. Several security issues were fixed in Thunderbird. Tenable has extracted the preceding description block directly from the Ubuntu security advisory. Note tha...

8.8CVSS7.3AI score0.01556EPSS
Exploits1References7
ArchLinux
ArchLinux
added 2021/02/06 12:0 a.m.225 views

[ASA-202102-2] thunderbird: multiple issues

Arch Linux Security Advisory ASA-202102-2 ========================================= Severity: High Date : 2021-02-06 CVE-ID : CVE-2020-15685 CVE-2020-26976 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 CVE-2021-23964 Package : thunderbird Type : multiple issues Remote : Yes Link :...

8.8CVSS0.9AI score0.01556EPSS
Exploits1References23
Mageia
Mageia
added 2021/02/04 1:40 p.m.51 views

Updated thunderbird packages fix security vulnerabilities

Cross-origin information leakage via redirected PDF requests. CVE-2021-23953 Type confusion when using logical assignment operators in JavaScript switch statements. CVE-2021-23954 IMAP Response Injection when using STARTTLS. CVE-2020-15685 HTTPS pages could have been intercepted by a registered...

8.8CVSS1.1AI score0.01556EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/02/03 12:0 a.m.80 views

RHEL 8 : thunderbird (RHSA-2021:0397)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0397 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Security Fixes: Mozilla:...

8.8CVSS7.6AI score0.01556EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.69 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2021-208)

This update for MozillaThunderbird fixes the following issues : - Mozilla Thunderbird was updated to 78.7.0 ESR MFSA 2021-05, bsc1181414 - CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests - CVE-2021-23954: Fixed a type confusion when using logical assignment...

8.8CVSS7.2AI score0.01556EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.45 views

GLSA-202102-02 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202102-02 Mozilla Thunderbird: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CV...

8.8CVSS7.3AI score0.01556EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.71 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2021-209)

This update for MozillaThunderbird fixes the following issues : - Mozilla Thunderbird was updated to 78.7.0 ESR MFSA 2021-05, bsc1181414 - CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests - CVE-2021-23954: Fixed a type confusion when using logical assignment...

8.8CVSS7.2AI score0.01556EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.66 views

CentOS 8 : thunderbird (CESA-2021:0298)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:0298 advisory. - Mozilla: IMAP Response Injection when using STARTTLS CVE-2020-15685 - Mozilla: HTTPS pages could have been intercepted by a registered service worker...

8.8CVSS7.4AI score0.01556EPSS
Exploits1References7
Debian
Debian
added 2021/01/31 9:10 p.m.87 views

[SECURITY] [DSA 4842-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4842-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 31, 2021 https://www.debian.org/security/faq -...

8.8CVSS8.7AI score0.01556EPSS
Exploits1
Rows per page
Query Builder