Lucene search
K

3626 matches found

OSV
OSV
added 2022/10/25 12:0 a.m.27 views

ALSA-2022:7178 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators CVE-2022-39249 Mozilla: Matrix SDK bundled with...

8.8CVSS8.5AI score0.00992EPSS
Exploits0References18
OSV
OSV
added 2022/10/25 12:0 a.m.28 views

ALSA-2022:7190 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators CVE-2022-39249 Mozilla: Matrix SDK bundled with...

8.8CVSS8.5AI score0.00992EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.21 views

RHEL 8 : thunderbird (RHSA-2022:7190)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7190 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...

8.8CVSS7.6AI score0.00992EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.30 views

RHEL 8 : thunderbird (RHSA-2022:7182)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7182 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...

8.8CVSS7.6AI score0.00992EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.31 views

RHEL 8 : thunderbird (RHSA-2022:7183)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7183 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...

8.8CVSS7.6AI score0.00992EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.48 views

RHEL 9 : thunderbird (RHSA-2022:7178)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7178 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...

8.8CVSS7.6AI score0.00992EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.39 views

RHEL 7 : thunderbird (RHSA-2022:7184)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7184 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...

8.8CVSS7.6AI score0.00992EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.43 views

RHEL 8 : thunderbird (RHSA-2022:7181)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7181 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...

8.8CVSS7.6AI score0.00992EPSS
Exploits0References18
OSV
OSV
added 2022/10/24 12:0 p.m.4 views

RUSTSEC-2022-0062 matrix-sdk 0.6.0 logs access tokens

When sending Matrix requests using an affected version of matrix-sdk in an application that writes logs using tracing-subscriber in a way that includes fields of tracing spans such as tracingsubscribers default text output from the fmt module, these logs will contain the user's access token...

7.1AI score
Exploits0References3
RustSec
RustSec
added 2022/10/24 12:0 p.m.20 views

matrix-sdk 0.6.0 logs access tokens

When sending Matrix requests using an affected version of matrix-sdk in an application that writes logs using tracing-subscriber in a way that includes fields of tracing spans such as tracingsubscribers default text output from the fmt module, these logs will contain the user's access token...

4.3AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2022/10/17 2:19 p.m.24 views

CVE-2022-39251

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. An attacker could spoof historical messages from other users, and use a malicious key backup to the user's account unde...

7.5CVSS3.9AI score0.00865EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/10/17 2:18 p.m.35 views

CVE-2022-39250

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could interfere with cross-device verification to authenticate their own device...

7.5CVSS4.7AI score0.00928EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/10/17 2:18 p.m.27 views

CVE-2022-39249

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could fake encrypted messages to look as if they were sent from another user on that...

7.5CVSS3.8AI score0.00938EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/10/17 2:18 p.m.34 views

CVE-2022-39236

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to a data corruption issue. An attacker could potentially cause data integrity issues by sending specially crafted messages...

4.3CVSS4.8AI score0.00992EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/10/08 12:0 a.m.19 views

Fedora: Security Advisory for nheko (FEDORA-2022-1fd94a54a1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.6CVSS5.9AI score0.00624EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2022/10/07 8:33 p.m.52 views

USN-5663-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, obtain sensitive information, spoof the...

8.8CVSS7.4AI score0.00932EPSS
Exploits0
OSV
OSV
added 2022/10/07 8:33 p.m.3 views

USN-5663-1 thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, obtain sensitive information, spoof the...

8.8CVSS6.7AI score0.00932EPSS
Exploits0References13
Fedora
Fedora
added 2022/10/07 3:56 p.m.26 views

[SECURITY] Fedora 36 Update: nheko-0.10.2-1.fc36

The motivation behind the project is to provide a native desktop app for Matrix that feels more like a mainstream chat app...

8.6CVSS2.5AI score0.00624EPSS
Exploits0
Redos
Redos
added 2022/10/07 12:0 a.m.44 views

ROS-20221007-04

Vulnerabilities in Firefox, Firefox ESR web browsers and Thunderbird email client are related to errors in the in the presentation of information by the user interface. Exploitation of the vulnerability could allow An attacker acting remotely could disclose protected information Vulnerability in...

8.8CVSS8.7AI score0.01342EPSS
Exploits0
Veracode
Veracode
added 2022/10/04 4:44 a.m.21 views

Authentication Bypass

Matrix Android SDK 2 is vulnerable to authentication bypass. The vulnerability exists in onRoomKeyEvent function of DefaultCryptoService.kt due to lack of entity authentication for key forwarding strategy which allows an attacker to cooperate with a malicious home server...

7.5CVSS5.5AI score0.00626EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder