Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.8 views

MiracleLinux 8 : thunderbird-128.11.0-1.el8_10.ML.1 (AXSA:2025-10026:12)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10026:12 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header...

9.8CVSS7.8AI score0.08917EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.8 views

TencentOS Server 4: thunderbird (TSSA-2025:0395)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0395 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.1CVSS8AI score0.26049EPSS
Exploits3References27
Tenable Nessus
Tenable Nessus
added 2025/10/10 12:0 a.m.2 views

RockyLinux 9 : thunderbird (RLSA-2025:8203)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8203 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header in...

8.1CVSS6.8AI score0.00363EPSS
Exploits0References8
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.5 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

8.1CVSS7AI score0.00363EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-3932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed...

6.5CVSS6.6AI score0.00314EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/11 12:0 a.m.7 views

AlmaLinux 8 : thunderbird (ALSA-2025:8756)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8756 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header in...

9.8CVSS7.8AI score0.08917EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2025/06/10 12:0 a.m.5 views

RHEL 8 : thunderbird (RHSA-2025:8756)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8756 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: JavaScript Execution via Spoofed PDF Attachment...

9.8CVSS7.7AI score0.08917EPSS
Exploits1References26
Tenable Nessus
Tenable Nessus
added 2025/06/05 12:0 a.m.8 views

RHEL 10 : thunderbird (RHSA-2025:8196)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8196 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: JavaScript Execution via Spoofed PDF Attachment...

8.1CVSS6.9AI score0.00363EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/05/30 12:0 a.m.11 views

SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2025:01660-2)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01660-2 advisory. Update to Mozilla Thunderbird 128.10.1. Security fixes: - MFSA 2025-34 bsc1243216 CVE-2025-3875: Sender...

8.1CVSS6.8AI score0.00363EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/23 12:0 a.m.5 views

SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2025:01660-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01660-1 advisory. Update to Mozilla Thunderbird 128.10.1. Security fixes: - MFSA 2025-34 bsc1243216 CVE-2025-3875...

8.1CVSS6.8AI score0.00363EPSS
Exploits0References8
OPENSUSE Linux
OPENSUSE Linux
added 2025/05/21 12:0 a.m.3 views

MozillaThunderbird-128.10.1-1.1 on GA media (moderate)

MozillaThunderbird-128.10.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15131-1 Rating: moderate Cross-References: CVE-2025-3875 CVE-2025-3877 CVE-2025-3909 CVE-2025-3932 Affected Products: openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. Description: These...

8.1CVSS7.4AI score0.00363EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/05/19 12:0 a.m.9 views

Slackware: Security Advisory (SSA:2025-136-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.00363EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/16 12:0 a.m.10 views

Debian dsa-5921 : thunderbird - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5921 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5921-1 [email protected] https://www.debian.org/securit...

8.1CVSS6.9AI score0.00363EPSS
Exploits0References8
NVD
NVD
added 2025/05/14 5:15 p.m.10 views

CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

6.5CVSS0.00314EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/05/14 5:15 p.m.2 views

CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

6.5CVSS7AI score0.00314EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/14 4:56 p.m.6 views

CVE-2025-3932 Tracking Links in Attachments Bypassed Remote Content Blocking

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

6.8AI score0.00314EPSS
Exploits0References3
CVE
CVE
added 2025/05/14 4:56 p.m.111 views

CVE-2025-3932

The CVE-2025-3932 issue concerns Thunderbird where an email could display a tracking link as an attachment; when opened, Thunderbird could access the external URL via the X-Mozilla-External-Attachment-URL header despite remote content blocking. Affected products: Thunderbird versions earlier than...

6.5CVSS6.8AI score0.00314EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder