Lucene search
K

1977 matches found

OSV
OSV
added 2026/05/13 12:3 p.m.6 views

RLSA-2026:15892 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

7.5CVSS6AI score0.04938EPSS
Exploits1References26
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.14 views

AlmaLinux 9 : thunderbird (ALSA-2026:15892)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:15892 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScrip...

9.8CVSS6AI score0.04938EPSS
Exploits1References27
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.16 views

.NET Core Tampering Vulnerability

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the...

4.3CVSS5.9AI score0.00711EPSS
Exploits0
EUVD
EUVD
added 2026/05/11 9:31 p.m.9 views

EUVD-2026-29236

A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks...

5.8AI score0.00136EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 9:18 p.m.22 views

CVE-2026-28914

A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks...

5.5CVSS0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 8:7 p.m.38 views

CVE-2026-28914

A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks...

0.00136EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 8:7 p.m.15 views

CVE-2026-28914

The CVE-2026-28914 entry concerns a logic issue in macOS related to file handling that allows a maliciously crafted ZIP archive to bypass Gatekeeper checks. It is fixed in macOS Tahoe 26.5. Affected: macOS Tahoe family (Tahoe 26.5 fix mentioned). Root cause: logic issue in how files are handled d...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/11 8:7 p.m.7 views

CVE-2026-28914

A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks...

5.8AI score0.00136EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/11 2:10 a.m.12 views

firefox: thunderbird: Mitigation bypass in the File Handling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the File Handling component...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2026/05/11 12:0 a.m.18 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

9.8CVSS5.8AI score0.04938EPSS
Exploits1References52
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.12 views

RHEL 9 : nginx:1.24 (RHSA-2026:15943)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:15943 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...

8.8CVSS6.3AI score0.21621EPSS
Exploits0References10
OSV
OSV
added 2026/05/09 4:24 p.m.9 views

MGASA-2026-0125 Updated thunderbird packages fix security vulnerabilities

Use-after-free in the DOM: Core & HTML component. CVE-2026-6746 Use-after-free in the WebRTC component. CVE-2026-6747 Uninitialized memory in the Audio/Video: Web Codecs component. CVE-2026-6748 Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. CVE-2026-6749...

9.8CVSS5.8AI score0.00586EPSS
Exploits0References6
OSV
OSV
added 2026/05/09 4:24 p.m.6 views

MGASA-2026-0124 Updated rootcerts, nss & firefox packages fix security vulnerabilities

Use-after-free in the DOM: Core & HTML component. CVE-2026-6746 Use-after-free in the WebRTC component. CVE-2026-6747 Uninitialized memory in the Audio/Video: Web Codecs component. CVE-2026-6748 Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. CVE-2026-6749...

9.8CVSS5.8AI score0.00586EPSS
Exploits0References8
OSV
OSV
added 2026/05/07 12:6 p.m.14 views

RLSA-2026:12285 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

7.5CVSS5.8AI score0.04938EPSS
Exploits1References26
OSV
OSV
added 2026/05/07 7:1 a.m.5 views

SUSE-SU-2026:1741-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues Updated to Mozilla Thunderbird 140.10.1: MFSA 2026-34 bsc1262230: - CVE-2026-6746: Use-after-free in the DOM: Core & HTML component. - CVE-2026-6747: Use-after-free in the WebRTC component. - CVE-2026-6748: Uninitialized memory in the...

9.8CVSS6AI score0.04938EPSS
Exploits1References32
OSV
OSV
added 2026/05/07 3:2 a.m.14 views

USN-8241-1 coin3 vulnerabilities

It was discovered that Expat, vendored in Coin3D incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS7.1AI score0.34174EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 2:57 a.m.7 views

USN-8240-1 swish-e vulnerabilities

It was discovered that Expat, vendored in Swish-e incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-25235, CVE-2022-25236...

9.8CVSS7.1AI score0.34174EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.12 views

CI4MS 代码问题漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS from 0.26.0.0 to 0.31.7.0 had code-related vulnerabilities. These vulnerabilities stemmed from the theme upload feature not filtering PHP files within ZIP files. This could allow authenticated users to execute...

8.6CVSS6.2AI score0.00501EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.13 views

RockyLinux 8 : thunderbird (RLSA-2026:13537)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13537 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScri...

9.8CVSS5.9AI score0.04938EPSS
Exploits1References51
RedHat Linux
RedHat Linux
added 2026/05/04 4:55 p.m.6 views

firefox: thunderbird: Mitigation bypass in the File Handling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the File Handling component...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References6
Rows per page
Query Builder