Lucene search
K

21 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Thunderbird

An HTML email containing links to .pdf files can trigger automatic, unsolicited downloads of those files to the user’s desktop or home directory without any prompts, even if auto-saving is disabled. This behavior can be exploited to fill the disk with junk data e.g., using /dev/urandom on Linux o...

6.5CVSS6.4AI score0.00466EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 8 : thunderbird-128.12.0-1.el8_10.ML.1 (AXSA:2025-10437:13)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10437:13 advisory. thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links CVE-2025-5986 Tenable has extracted the precedin...

6.5CVSS7.1AI score0.00466EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 9 : thunderbird-128.10.1-1.el9_6.ML.1 (AXSA:2025-10505:15)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10505:15 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header...

8.1CVSS6.9AI score0.00363EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/06 12:0 a.m.3 views

RockyLinux 10 : thunderbird (RLSA-2025:10195)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10195 advisory. thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links CVE-2025-5986 Tenable has extracted the...

9.8CVSS6.4AI score0.03057EPSS
Exploits0References11
Rockylinux
Rockylinux
added 2025/10/04 12:11 a.m.18 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

8.1CVSS8.5AI score0.00363EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/04 12:0 a.m.2 views

RockyLinux 10 : thunderbird (RLSA-2025:8196)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8196 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header in...

8.1CVSS6.8AI score0.00363EPSS
Exploits0References8
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.5 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

8.1CVSS7AI score0.00363EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/07/02 2:59 p.m.6 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/02 8:27 a.m.7 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/02 8:12 a.m.5 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 9:44 p.m.5 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 9:20 p.m.3 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 8:50 p.m.4 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 8:14 p.m.5 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 7:47 p.m.6 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 7:42 p.m.5 views

thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

6.5CVSS7.3AI score0.00466EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/06/27 2:51 p.m.3 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 128.11.1 CVE-2025-5986: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links MFSA 2025-49 bsc1244468. Patch Instructions: To install this SUSE update use the SUSE recommend...

6.5CVSS6.8AI score0.00466EPSS
Exploits0References4
Amazon
Amazon
added 2025/06/24 12:0 a.m.3 views

Important: thunderbird

Issue Overview: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data e.g. using /dev/urando...

6.5CVSS6.8AI score0.00466EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/06/11 12:15 p.m.2 views

CVE-2025-5986

A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data e.g. using /dev/urandom on Linux or to...

6.5CVSS6.7AI score0.00466EPSS
Exploits0References4
OSV
OSV
added 2025/06/11 12:15 p.m.2 views

UBUNTU-CVE-2025-5986

A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data e.g. using /dev/urandom on Linux or to...

6.5CVSS6.6AI score0.00466EPSS
Exploits0References7
Rows per page
Query Builder