EUVD-2019-7523

Malware in sbrugna...

EUVD-2022-42579

Malicious code in bioql PyPI...

CVE-2022-3155

CVE-2022-3155 affects Mozilla Thunderbird and is described as: when saving or opening a mail attachment on macOS, Thunderbird failed to set the com.apple.quarantine attribute on the received file. If the file was an application, opening it could launch the application immediately without user con...

CVE-2022-3155

When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This...

The vulnerability of the Thunderbird email client, related to incorrect actions performed by the user interface, allows a hacker to execute arbitrary code.

The vulnerability of the Thunderbird email client is related to incorrect actions performed by the user interface when the com.apple.quarantine attribute is used. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by downloading a malicious email attachment...

CVE-2019-17051

Evernote for macOS (prior to 7.13 GA) is affected by CVE-2019-17051. The root cause is the com.apple.quarantine attribute not being applied to downloaded attachments, enabling a one-click code execution scenario via a crafted Terminal file when a user drags and drops it into Evernote Open With Te...