1064 matches found

Veracode
added 2021/10/16 9:1 p.m. | 18 views

Denial Of Service (DoS)

Alpine is vulnerable to denial of service. The vulnerability exists because untagged responses from an IMAP server are accepted before STARTTLS...

5.9 CVSS | 2.3 AI score | 0.01565 EPSS
Exploits 1 | References 5 | Affected Software 1

OSV
added 2021/10/15 11:3 a.m. | 1 view

OESA-2021-1382 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can...

9.1 CVSS | 7 AI score | 0.06216 EPSS
Exploits 3 | References 4

CNVD
added 2021/10/15 12:0 a.m. | 11 views

Mozilla Thunderbird Information Disclosure Vulnerability (CNVD-2022-36982)

Mozilla Thunderbird is a suite of email client software from the Mozilla Foundation that is separate from the Mozilla Application Suite. The software supports IMAP and POP email protocols as well as HTML email formats. Mozilla Thunderbird is vulnerable to an information disclosure vulnerability...

5.9 CVSS | 0.7 AI score | 0.01066 EPSS
Exploits 0 | References 1

Tenable Nessus
added 2021/10/15 12:0 a.m. | 29 views

CentOS 8 : thunderbird (CESA-2021:3838)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3838 advisory. - rust-crossbeam-deque: race condition may lead to double free CVE-2021-32810 - Mozilla: Use-after-free in MessageTask CVE-2021-38496 - Mozilla:...

9.8 CVSS | 7.6 AI score | 0.01907 EPSS
Exploits 0 | References 8

Tenable Nessus
added 2021/10/14 12:0 a.m. | 44 views

RHEL 8 : thunderbird (RHSA-2021:3840)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3840 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.2.0. Security Fixes: Mozilla:...

9.8 CVSS | 7.8 AI score | 0.01907 EPSS
Exploits 0 | References 16

Tenable Nessus
added 2021/10/14 12:0 a.m. | 243 views

RHEL 8 : thunderbird (RHSA-2021:3839)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3839 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.2.0. Security Fixes: Mozilla:...

9.8 CVSS | 7.8 AI score | 0.01907 EPSS
Exploits 0 | References 16

Debian
added 2021/10/13 2:12 p.m. | 47 views

[SECURITY] [DLA 2780-1] ruby2.3 security update

Debian LTS Advisory DLA-2780-1 https://www.debian.org/lts/security/ Utkarsh Gupta October 11, 2021 https://wiki.debian.org/LTS -...

7.4 CVSS | 7.7 AI score | 0.0305 EPSS
Exploits 2

RedHat Linux
added 2021/10/13 10:5 a.m. | 53 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8 CVSS | 6.8 AI score | 0.01907 EPSS
Exploits 0 | References 8

RedHat Linux
added 2021/10/13 10:5 a.m. | 3 views

Mozilla: Downgrade attack on SMTP STARTTLS connections

Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication...

5.9 CVSS | 7.5 AI score | 0.01066 EPSS
Exploits 0 | References 4

RedHat Linux
added 2021/10/13 9:32 a.m. | 4 views

Mozilla: Downgrade attack on SMTP STARTTLS connections

Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication...

5.9 CVSS | 7.5 AI score | 0.01066 EPSS
Exploits 0 | References 4

RedHat Linux
added 2021/10/13 9:32 a.m. | 58 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

9.8 CVSS | 6.8 AI score | 0.01907 EPSS
Exploits 0 | References 8

AlmaLinux
added 2021/10/13 9:4 a.m. | 32 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.2.0. Security Fixes: Mozilla: Use-after-free in MessageTask CVE-2021-38496 Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 CVE-2021-38500 Mozilla:...

6.8 CVSS | 1.8 AI score | 0.01907 EPSS
Exploits 0 | References 7

Rockylinux
added 2021/10/13 9:4 a.m. | 25 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...

9.8 CVSS | 9.5 AI score | 0.01907 EPSS
Exploits 0

Tenable Nessus
added 2021/10/13 12:0 a.m. | 60 views

Mozilla Thunderbird < 91.2

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-47 advisory. - Mozilla developers and community members Kevin Brosnan, Mihai Alexandru Michis, and Christian Holler...

9.8 CVSS | 7.9 AI score | 0.01907 EPSS
Exploits 0 | References 8

Tenable Nessus
added 2021/10/13 12:0 a.m. | 42 views

Debian DLA-2780-1 : ruby2.3 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2780 advisory. Multiple vulnerabilities in ruby2.3, interpreter of object-oriented scripting language Ruby, were discovered. CVE-2021-31799 In RDoc 3.11 through 6.x before 6.3.1, ...

7.4 CVSS | 7.7 AI score | 0.0305 EPSS
Exploits 2 | References 10

OSV
added 2021/10/12 11:23 a.m. | 6 views

SUSE-SU-2021:3351-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22947: Fixed STARTTLS protocol injection via MITM bsc1190374. - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed bsc1190373...

7.5 CVSS | 7 AI score | 0.04224 EPSS
Exploits 2 | References 5

OSV
added 2021/10/11 3:2 p.m. | 9 views

SUSE-SU-2021:3332-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22947: Fixed STARTTLS protocol injection via MITM bsc1190374. - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed bsc1190373...

7.5 CVSS | 7 AI score | 0.04224 EPSS
Exploits 2 | References 5

OpenVAS
added 2021/10/07 12:0 a.m. | 17 views

SUSE: Security Advisory (SUSE-SU-2021:3298-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.3 AI score | 0.04224 EPSS
Exploits 2 | References 2

OSV
added 2021/10/06 2:55 p.m. | 4 views

SUSE-SU-2021:3298-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22947: Fixed STARTTLS protocol injection via MITM bsc1190374. - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed bsc1190373...

7.5 CVSS | 7 AI score | 0.04224 EPSS
Exploits 2 | References 5

OSV
added 2021/10/06 2:55 p.m. | 8 views

OPENSUSE-SU-2021:3298-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22947: Fixed STARTTLS protocol injection via MITM bsc1190374. - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed bsc1190373...

7.5 CVSS | 7 AI score | 0.04224 EPSS
Exploits 2 | References 5