738 matches found

RedHat Linux
added 2022/09/26 3:37 p.m. | 2 views

Mozilla: An iframe element in an HTML email could trigger a network request

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of sending a request to the remote document when receiving an HTML email that specified to load an iframe element from a remote location. However, Thunderbird didn't display the document...

CVSS 4.3 | AI score 7.3 | EPSS 0.00529
Exploits: 0 | References: 6

RedHat Linux
added 2022/09/26 3:15 p.m. | 1 view

Mozilla: An iframe element in an HTML email could trigger a network request

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of sending a request to the remote document when receiving an HTML email that specified to load an iframe element from a remote location. However, Thunderbird didn't display the document...

CVSS 4.3 | AI score 7.3 | EPSS 0.00529
Exploits: 0 | References: 6

Tenable Nessus
added 2022/09/26 12:0 a.m. | 36 views

RHEL 8 : thunderbird (RHSA-2022:6708)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6708 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fixes: Mozilla:...

CVSS 8.8 | AI score 7.7 | EPSS 0.01342
Exploits: 0 | References: 23

Tenable Nessus
added 2022/09/19 12:0 a.m. | 50 views

Mozilla Thunderbird < 91.13.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.13.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-39 advisory. - If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having...

CVSS 8.1 | AI score 7.4 | EPSS 0.00768
Exploits: 0 | References: 4

Tenable Nessus
added 2022/09/19 12:0 a.m. | 57 views

Mozilla Thunderbird < 91.13.1

The version of Thunderbird installed on the remote Windows host is prior to 91.13.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-39 advisory. - If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having the...

CVSS 8.1 | AI score 7.4 | EPSS 0.00768
Exploits: 0 | References: 4

Tenable Nessus
added 2022/09/07 12:0 a.m. | 39 views

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2022-249-02)

The version of mozilla-thunderbird installed on the remote host is prior to 102.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-249-02 advisory. - When receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the...

CVSS 8.2 | AI score 7.4 | EPSS 0.00932
Exploits: 0 | References: 4

OpenVAS
added 2022/09/06 12:0 a.m. | 23 views

Mozilla Thunderbird Security Advisory (MFSA2022-38) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

CVSS 8.2 | AI score 6.9 | EPSS 0.00932
Exploits: 0 | References: 1

Tenable Nessus
added 2022/09/02 12:0 a.m. | 32 views

Fedora 36 : thunderbird (2022-8bf22a684b)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8bf22a684b advisory. Update to 102.2.1 ; https://www.mozilla.org/en-US/security/advisories/mfsa2022-38/ Tenable has extracted the preceding description block directly from the...

AI score 5.6
Exploits: 0 | References: 1

Tenable Nessus
added 2022/09/01 12:0 a.m. | 51 views

Mozilla Thunderbird < 102.2.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 102.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-38 advisory. - If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having...

CVSS 8.2 | AI score 7.4 | EPSS 0.00932
Exploits: 0 | References: 5

Mozilla
added 2022/08/31 12:0 a.m. | 136 views

Security Vulnerabilities fixed in Thunderbird 102.2.1 — Mozilla

If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. I...

CVSS 8.2 | AI score 1.1 | EPSS 0.00932
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2022/08/05 10:15 p.m. | 30 views

CVE-2022-26376

A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.38648706 and Asuswrt-Merlin New Gen prior to 386.7. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...

CVSS 9.8 | EPSS 0.01075
Exploits: 1 | References: 1

NVD
added 2022/08/05 10:15 p.m. | 33 views

CVE-2022-28665

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The freshtomato-arm has a vulnerable URL-decoding feature that c...

CVSS 9.8 | EPSS 0.01206
Exploits: 1 | References: 1

NVD
added 2022/08/05 10:15 p.m. | 23 views

CVE-2022-28664

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The freshtomato-mips has a vulnerable URL-decoding feature that...

CVSS 9.8 | EPSS 0.01372
Exploits: 1 | References: 1

Prion
added 2022/08/05 10:15 p.m. | 30 views

Memory corruption

A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.38648706 and Asuswrt-Merlin New Gen prior to 386.7. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...

CVSS 7.5 | AI score 9.5 | EPSS 0.01075
Exploits: 1 | References: 1 | Affected Software: 19

Prion
added 2022/08/05 10:15 p.m. | 29 views

Memory corruption

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The freshtomato-mips has a vulnerable URL-decoding feature that...

CVSS 7.5 | AI score 9.5 | EPSS 0.01372
Exploits: 1 | References: 1 | Affected Software: 1

Prion
added 2022/08/05 10:15 p.m. | 26 views

Memory corruption

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The freshtomato-arm has a vulnerable URL-decoding feature that c...

CVSS 7.5 | AI score 9.5 | EPSS 0.01206
Exploits: 1 | References: 1 | Affected Software: 1

Prion
added 2022/08/05 10:15 p.m. | 37 views

Memory corruption

A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...

CVSS 7.5 | AI score 9.5 | EPSS 0.00993
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2022/08/05 9:20 p.m. | 100 views

CVE-2022-28665

CVE-2022-28665 describes a memory corruption flaw in FreshTomato 2022.1’s httpd unescape function (freshtomato-arm). The code assumes two characters follow a percent sign and performs a potentially out-of-bounds access if a '%' is followed by only one character, risking memory corruption. Public ...

CVSS 9.8 | AI score 9.5 | EPSS 0.01206
Exploits: 1 | References: 1 | Affected Software: 1

Vulnrichment
added 2022/08/05 9:20 p.m. | 10 views

CVE-2022-28665

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The freshtomato-arm has a vulnerable URL-decoding feature that c...

CVSS 5.3 | AI score 9.5 | EPSS 0.01206
Exploits: 1 | References: 1

Cvelist
added 2022/08/05 9:20 p.m. | 37 views

CVE-2022-28664

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. The freshtomato-mips has a vulnerable URL-decoding feature that...

CVSS 5.3 | AI score 9.8 | EPSS 0.01372
Exploits: 1 | References: 1