Lucene search
K

80 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : thunderbird-102.6.0-2.el9.ML.1 (AXSA:2023-5063:07)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5063:07 advisory. Mozilla: Arbitrary file read from a compromised content process CVE-2022-46872 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbir...

9.8CVSS8.5AI score0.00921EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-46874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could...

8.8CVSS8.2AI score0.00884EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.25 views

Amazon Linux 2 : firefox (ALASFIREFOX-2023-008)

The version of firefox installed on the remote host is prior to 102.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-008 advisory. The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process cou...

9.8CVSS8.4AI score0.00921EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2023/05/03 12:0 a.m.22 views

GLSA-202305-06 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-06 Mozilla Firefox: Multiple Vulnerabilities - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox This bug only affects Thunderbird for Linux...

9.8CVSS8.5AI score0.00921EPSS
Exploits0References24
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.2 views

SUSE CVE-2022-46874

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...

8.8CVSS8AI score0.00884EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/01/14 12:0 a.m.23 views

Rocky Linux 8 : firefox (RLSA-2022:9067)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:9067 advisory. - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox This bug only affects...

9.8CVSS8.4AI score0.00921EPSS
Exploits0References13
OpenVAS
OpenVAS
added 2023/01/11 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-5782-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.00892EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2023/01/10 6:37 a.m.73 views

USN-5782-3: Firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

8.3AI score0.00892EPSS
Exploits0References1
OSV
OSV
added 2023/01/05 1:30 p.m.12 views

USN-5782-2 firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

6.1AI score
Exploits0References2
OpenVAS
OpenVAS
added 2023/01/02 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2022-0484)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.7AI score0.00884EPSS
Exploits0References5
Mageia
Mageia
added 2022/12/30 10:39 p.m.51 views

Updated thunderbird packages fix security vulnerability

Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...

8.8CVSS2.4AI score0.00884EPSS
Exploits0References3
OSV
OSV
added 2022/12/30 10:39 p.m.4 views

MGASA-2022-0484 Updated thunderbird packages fix security vulnerability

Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...

8.8CVSS9.3AI score0.00884EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/12/30 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2022:4636-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.5AI score0.00884EPSS
Exploits0References2
OSV
OSV
added 2022/12/29 1:2 p.m.4 views

SUSE-SU-2022:4636-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to version 102.6.1 fixed: Remote content did not load in user-defined signatures fixed: Addons that added new action buttons were not shown for addon upgrades, requiring removal and reinstall fixed: Various stability improvemen...

8.8CVSS9.4AI score0.00884EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/12/29 12:0 a.m.23 views

Mozilla Thunderbird Security Advisories (MFSA2022-54, MFSA2022-54) - Mac OS X

Thunderbird is prone to a file extension manipulation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS8.7AI score0.00884EPSS
Exploits0References1
ALT Linux
ALT Linux
added 2022/12/29 12:0 a.m.19 views

Security fix for the ALT Linux 10 package thunderbird version 102.6.1-alt1

102.6.1-alt1 built Dec. 29, 2022 Pavel Vasenkov in task 312281 Dec. 23, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions...

9.5AI score0.00884EPSS
Exploits0
ALT Linux
ALT Linux
added 2022/12/23 12:0 a.m.36 views

Security fix for the ALT Linux 10 package thunderbird version 102.6.0-alt1

102.6.0-alt1 built Dec. 23, 2022 Pavel Vasenkov in task 311857 Dec. 16, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-4687...

9.3AI score0.00921EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/12/23 12:0 a.m.24 views

Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2022-355-01)

The version of mozilla-thunderbird installed on the remote host is prior to 102.6.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-355-01 advisory. - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious...

8.8CVSS8.4AI score0.00884EPSS
Exploits0References1
OSV
OSV
added 2022/12/22 8:15 p.m.5 views

CVE-2022-46874

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...

8.8CVSS8.6AI score
Exploits0References7
OSV
OSV
added 2022/12/22 8:15 p.m.2 views

DEBIAN-CVE-2022-46874

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...

8.8CVSS8.2AI score0.00884EPSS
Exploits0References1
Rows per page
Query Builder