-GodSearch

󰓾 GodSearch v20.0 — THE SOVEREIGN 💀 Universal Exploit Sear...

Nextcloud Calendar 安全漏洞

Nextcloud Calendar is an open source calendar application from Nextcloud. A security vulnerability exists in Nextcloud Calendar versions prior to 4.7.17 and prior to 5.2.4, which stems from a malicious user being able to create specially crafted attachments that could result in files being...

Amazon Linux 2 : thunderbird (ALAS-2025-2896)

The version of thunderbird installed on the remote host is prior to 128.11.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2896 advisory. A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's deskto...

CVE-2025-5986

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...

CVE-2025-5986 Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links

A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data e.g. using /dev/urandom on Linux or to...

Mozilla Thunderbird 安全漏洞

Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation in the United States that is separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols as well as the HTML mail format. A security vulnerability exists in Mozilla...

Amazon Linux 2 : thunderbird (ALAS-2025-2859)

The version of thunderbird installed on the remote host is prior to 128.10.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2859 advisory. Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From...

CVE-2025-3877

CVE-2025-3877 is rejected/not used; this entry does not represent an active vulnerability.

Mozilla Thunderbird < 128.10.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-34 advisory. - It was possible to craft an email that showed a tracking link as an attachment. If the user attempted...

Mozilla Thunderbird < 138.0.1

The version of Thunderbird installed on the remote Windows host is prior to 138.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-35 advisory. - It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open th...

Mozilla Thunderbird < 128.10.1

The version of Thunderbird installed on the remote Windows host is prior to 128.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-34 advisory. - It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open t...

Firefox 135.0.1 Download Stresser

Firefox version 135.0.1 appears to suffer from a download looping issue that allows a malicious site to constantly download files to a user's browser. Exploit Title: Firefox 135.0.1 bypass Download protections PoC Date: 2025-02-28 Exploit Author: Emiliano Febbi Vendor Homepage:...

Fedora 27 : 1:epiphany (2018-de5457b0a2)

Ensure search engine migration does not fail 794645 - Do not open adblock filters when automatic open downloads is enabled 794646 - Fix crash destroying sync service 794728 - Fix CVE-2018-11396/CVE-2018-12016 795740 - Do not use Fanboy's Annoyance adblock list by default 796245 - Fix a couple...

Apple starts downloading MacOS Sierra automatically to your MacBook — Here's How to Stop It

Are you experiencing slow Internet speed on your MacBook today? — It's not just you! Here's Why: Following in Microsoft's footsteps, Apple has started "pre-downloading" the latest version of its desktop operating system, macOS 10.12 Sierra, in the background, if you are still running OS X El...

MGASA-2015-0265 Updated chromium-browser package fixes security vulnerability

A scheme validation error in WebUI CVE-2015-1266. Two cross-origin bypass issues in Blink CVE-2015-1267, CVE-2015-1268. A normalization error in the HSTS/HPKP preload list CVE-2015-1269. This update also disables the automatic, silent downloading and installation of "external components" like the...