CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

86 matches found

Tenable Nessus•added 2022/10/31 12:0 a.m.•27 views

GLSA-202210-35 : Mozilla Thunderbird: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-35 Mozilla Thunderbird: Multiple Vulnerabilities - Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the...

8.8CVSS7.7AI score0.00584EPSS

Exploits0References11

Tenable Nessus•added 2022/10/28 12:0 a.m.•22 views

SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:3800-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3800-1 advisory. - When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine ...

8.8CVSS8AI score0.00584EPSS

Exploits0References28

Tenable Nessus•added 2022/10/27 12:0 a.m.•24 views

AlmaLinux 9 : thunderbird (ALSA-2022:7178)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:7178 advisory. - Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or...

8.8CVSS7.7AI score0.00584EPSS

Exploits0References9

Tenable Nessus•added 2022/10/26 12:0 a.m.•24 views

AlmaLinux 8 : thunderbird (ALSA-2022:7190)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:7190 advisory. - Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or...

8.8CVSS7.7AI score0.00584EPSS

Exploits0References9

Tenable Nessus•added 2022/09/30 12:0 a.m.•48 views

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2022-273-01)

The version of mozilla-thunderbird installed on the remote host is prior to 102.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-273-01 advisory. - Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1,...

8.6CVSS7AI score0.00584EPSS

Exploits0References4

NVD•added 2022/09/29 1:15 p.m.•11 views

CVE-2022-39250

Matrix JavaScript SDK is the Matrix Client-Server software development kit SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver could interfere with the verification flow between two users, injecting its own cross-signing user identity in place of one o...

8.6CVSS0.00294EPSS

Exploits0References5

UbuntuCve•added 2022/09/29 1:15 p.m.•37 views

CVE-2022-39250

8.6CVSS6.9AI score0.00294EPSS

Exploits0References6

CVE•added 2022/09/29 12:0 a.m.•133 views

CVE-2022-39250

CVE-2022-39250 corresponds to a vulnerability in the Matrix JavaScript SDK (matrix-js-sdk) prior to version 19.7.0. The issue arises from checking and signing user identities and devices in two separate steps, and not consistently fixing the signing key between steps, enabling a malicious homeser...

8.6CVSS8AI score0.00294EPSS

Exploits0References5Affected Software1

Cvelist•added 2022/09/29 12:0 a.m.•16 views

CVE-2022-39250 Matrix JavaScript SDK vulnerable to key/device identifier confusion in SAS verification

8.6CVSS8.3AI score0.00294EPSS

Exploits0References5

Vulnrichment•added 2022/09/29 12:0 a.m.•3 views

CVE-2022-39250 Matrix JavaScript SDK vulnerable to key/device identifier confusion in SAS verification

8.6CVSS8.5AI score0.00294EPSS

Exploits0References5

Debian CVE•added 2022/09/29 12:0 a.m.•25 views

CVE-2022-39250

8.6CVSS8.2AI score0.00294EPSS

Exploits0

AlpineLinux•added 2022/09/29 12:0 a.m.•54 views

CVE-2022-39250

8.6CVSS8.2AI score0.00294EPSS

Exploits0

NVD•added 2022/09/28 8:15 p.m.•14 views

CVE-2022-39249

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...

7.5CVSS0.00477EPSS

Exploits0References6

NVD•added 2022/09/28 8:15 p.m.•8 views

CVE-2022-39251

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a...

8.6CVSS0.00278EPSS

Exploits0References5

OSV•added 2022/09/28 8:15 p.m.•1 views

DEBIAN-CVE-2022-39251

7.5CVSS7.5AI score0.00278EPSS

Exploits0References1

OSV•added 2022/09/28 8:15 p.m.•0 views

DEBIAN-CVE-2022-39249

7.5CVSS6.7AI score0.00477EPSS

Exploits0References1

OSV•added 2022/09/28 8:15 p.m.•0 views

UBUNTU-CVE-2022-39249

7.5CVSS7AI score0.00477EPSS

Exploits0References8

Prion•added 2022/09/28 8:15 p.m.•16 views

Design/Logic Flaw

5CVSS7.8AI score0.00477EPSS

Exploits0References6Affected Software1

UbuntuCve•added 2022/09/28 8:15 p.m.•30 views

CVE-2022-39251

8.6CVSS7.1AI score0.00278EPSS

Exploits0References6

NVD•added 2022/09/28 5:15 p.m.•9 views

CVE-2022-39236

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

5.3CVSS0.00584EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by