Lucene search
+L

48 matches found

nessus
nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : firefox-102.10.0-1.el8.ML.1 (AXSA:2023-5298:15)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5298:15 advisory. MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp Mozilla: Fullscreen notification obscured CVE-2023-29533 Mozilla: Potential Memory Corruption...

8.8CVSS7.3AI score0.00741EPSS
Exploits0References9
nessus
nessus
added 2024/02/08 12:0 a.m.44 views

CentOS 8 : thunderbird (CESA-2023:1802)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:1802 advisory. - OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted...

8.8CVSS7.8AI score0.01185EPSS
Exploits0References13
ibm
ibm
added 2023/08/31 11:4 a.m.41 views

Security Bulletin: Due to use of Mozilla Firefox, IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple vulnerabilities.

Summary Mozilla Firefox ESR is used by IBM Cloud Pak for Multicloud Management Monitoring as part of the selenium scripts / tests agent. Vulnerability Details CVEID:CVE-2023-29539 DESCRIPTION: Mozilla Firefox could allow a remote attacker to download arbitrary files, caused by the truncation of...

9.8CVSS9.7AI score0.00974EPSS
Exploits1Affected Software1
circl
circl
added 2023/06/02 8:36 p.m.4 views

CVE-2023-29539

creationtimestamp| type| source ---|---|--- 2023-06-02 20:36:34+00:00| seen| https://t.me/cibsecurity/64901...

8.8CVSS8AI score0.00737EPSS
Exploits0References1
nvd
nvd
added 2023/06/02 5:15 p.m.24 views

CVE-2023-29539

When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox 112, Focus f...

8.8CVSS7.9AI score0.00737EPSS
Exploits0References4
osv
osv
added 2023/06/02 5:15 p.m.6 views

CVE-2023-29539

When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox 112, Focus f...

8.8CVSS7.9AI score
Exploits0References4
vulnrichment
vulnrichment
added 2023/06/02 12:0 a.m.6 views

CVE-2023-29539

When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox 112, Focus f...

7.9AI score0.00737EPSS
Exploits0References4
cve
cve
added 2023/06/02 12:0 a.m.227 views

CVE-2023-29539

Concrete details found: CVE-2023-29539 (Content-Disposition filename truncation on NULL) affects Firefox family and Thunderbird; root cause is NULL character in filename causing truncation and potential Reflected File Download. Connected documents (Astra Linux bulletin, Debian/CentOS advisories) ...

8.8CVSS7.9AI score0.00737EPSS
Exploits0References4Affected Software4
alpinelinux
alpinelinux
added 2023/06/02 12:0 a.m.25 views

CVE-2023-29539

When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox 112, Focus f...

8.8CVSS8.2AI score0.00737EPSS
Exploits0
amazon
amazon
added 2023/05/02 12:0 a.m.41 views

Important: thunderbird

Issue Overview: The Mozilla Foundation describes this issue as follows: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. CVE-2023-054...

8.8CVSS8.9AI score0.00952EPSS
Exploits0
nessus
nessus
added 2023/05/02 12:0 a.m.30 views

Amazon Linux 2 : thunderbird (ALAS-2023-2028)

The version of thunderbird installed on the remote host is prior to 102.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2028 advisory. 2024-01-03: CVE-2023-1999 was added to this advisory. The Mozilla Foundation describes this issue as follows:OCSP...

8.8CVSS7.8AI score0.00952EPSS
Exploits0References24
openvas
openvas
added 2023/04/27 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-6010-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.00741EPSS
Exploits0References3
nessus
nessus
added 2023/04/26 12:0 a.m.32 views

Rocky Linux 8 : thunderbird (RLSA-2023:1802)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1802 advisory. - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key...

8.8CVSS7.5AI score0.01185EPSS
Exploits0References24
nessus
nessus
added 2023/04/25 12:0 a.m.41 views

CentOS 7 : thunderbird (RHSA-2023:1806)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1806 advisory. - OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted...

8.8CVSS7.8AI score0.01185EPSS
Exploits0References13
openvas
openvas
added 2023/04/25 12:0 a.m.21 views

CentOS: Security Advisory for firefox (CESA-2023:1791)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.5AI score0.00952EPSS
Exploits0References2
openvas
openvas
added 2023/04/24 12:0 a.m.20 views

Debian: Security Advisory (DLA-3400-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.01185EPSS
Exploits0References4
nessus
nessus
added 2023/04/20 12:0 a.m.33 views

AlmaLinux 9 : firefox (ALSA-2023:1786)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:1786 advisory. - Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. CVE-2023-1945 - A website...

8.8CVSS7.5AI score0.00741EPSS
Exploits0References9
nessus
nessus
added 2023/04/18 12:0 a.m.33 views

Oracle Linux 8 : thunderbird (ELSA-2023-1802)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1802 advisory. 102.10.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.10.0-2 - Update to 102.10.0 build2 102.10.0-...

8.8CVSS7.4AI score0.01185EPSS
Exploits0References12
redhat
redhat
added 2023/04/17 2:1 p.m.37 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS7AI score0.01185EPSS
Exploits0References13
nessus
nessus
added 2023/04/17 12:0 a.m.25 views

RHEL 8 : thunderbird (RHSA-2023:1802)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1802 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.10.0. Security Fixes:...

8.8CVSS7.5AI score0.01185EPSS
Exploits0References26
Rows per page
Query Builder