Lucene search
K

37 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/02 12:0 a.m.52 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Thunderbird vulnerabilities (USN-6563-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6563-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...

8.8CVSS7.7AI score0.20472EPSS
Exploits0References12
Veracode
Veracode
added 2023/12/25 2:48 a.m.20 views

Sandbox Escape

Firefox and Thunderbird are vulnerable to Sandbox Escape. The vulnerability is caused because VideoBridge extension allowed any content process to use textures produced by remote decoders. An attacker can abuse this to escape the sandbox...

6.5CVSS6.6AI score0.00958EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/25 12:0 a.m.5 views

The vulnerability of the VideoBridge component in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to bypass the security measures of the isolated programming environment.

The vulnerability of the VideoBridge component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to security configuration errors. Exploiting this vulnerability can allow an attacker to bypass the security measures of a isolated software environment...

7.8CVSS6.7AI score0.00958EPSS
Exploits0References12Affected Software7
Tenable Nessus
Tenable Nessus
added 2023/12/21 12:0 a.m.27 views

Debian DSA-5582-1 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5582 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compa...

8.8CVSS8.7AI score0.20472EPSS
Exploits0References26
RedhatCVE
RedhatCVE
added 2023/12/20 11:34 a.m.26 views

CVE-2023-6860

The Mozilla Foundation Security Advisory describes this flaw as: The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox...

6.1CVSS6.7AI score0.00958EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/12/20 12:0 a.m.21 views

CVE-2023-6860

The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

6.5CVSS6.7AI score0.00958EPSS
Exploits0References10
NVD
NVD
added 2023/12/19 2:15 p.m.24 views

CVE-2023-6860

The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

6.5CVSS0.00958EPSS
Exploits0References9
OSV
OSV
added 2023/12/19 2:15 p.m.1 views

DEBIAN-CVE-2023-6860

The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

6.5CVSS6.8AI score0.00958EPSS
Exploits0References1
OSV
OSV
added 2023/12/19 2:15 p.m.4 views

CVE-2023-6860

The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

6.5CVSS8AI score
Exploits0References9
Prion
Prion
added 2023/12/19 2:15 p.m.26 views

Code injection

The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

4.3CVSS6.2AI score0.00958EPSS
Exploits0References9Affected Software4
Cvelist
Cvelist
added 2023/12/19 1:38 p.m.19 views

CVE-2023-6860

The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

6.9AI score0.00958EPSS
Exploits0References9
AlpineLinux
AlpineLinux
added 2023/12/19 1:38 p.m.26 views

CVE-2023-6860

The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

6.5CVSS7.2AI score0.00958EPSS
Exploits0
CVE
CVE
added 2023/12/19 1:38 p.m.151 views

CVE-2023-6860

CVE-2023-6860: The VideoBridge channel allowed a content process to access textures from remote decoders, creating a potential sandbox escape in Firefox ESR <115.6, Thunderbird <115.6, and Firefox

6.5CVSS6.8AI score0.00958EPSS
Exploits0References9Affected Software3
Debian CVE
Debian CVE
added 2023/12/19 1:38 p.m.23 views

CVE-2023-6860

The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

6.5CVSS8AI score0.00958EPSS
Exploits0
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.2 views

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security vulnerability that originates in VideoBridge that allows any process to use a structure generated by a remote decoder, resulting in an attacker being able to...

6.5CVSS6.7AI score0.00958EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2023/12/19 12:0 a.m.31 views

Mozilla Firefox ESR < 115.6

The version of Firefox ESR installed on the remote Windows host is prior to 115.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-54 advisory. - Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed...

8.8CVSS9AI score0.20472EPSS
Exploits0References12
Mozilla
Mozilla
added 2023/12/19 12:0 a.m.152 views

Security Vulnerabilities fixed in Firefox 121 — Mozilla

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. Multiple NSS NIST curves were susceptible to a side-channel attack known as...

8.8CVSS9.1AI score0.20472EPSS
Exploits0References18Affected Software1
Rows per page
Query Builder