171 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
Cross-Site Tracing occurs when a server echoes a request back using the Trace method, allowing an XSS attack to access authorization headers and cookies that are inaccessible to JavaScript such as cookies protected by HTTPOnly. To mitigate this attack, browsers imposed restrictions on fetch and...
USN-7991-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...
USN-7991-1 thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...
PT-2026-6540
Name of the Vulnerable Software and Affected Versions Thunderbird versions 1:140.7.1+build1-0ubuntu0.22.04.1 Description Thunderbird is affected by multiple security issues. An attacker could potentially exploit these issues to cause a denial of service, obtain sensitive information, bypass...
MiracleLinux 9 : thunderbird-102.5.0-2.el9.ML.1 (AXSA:2023-5045:06)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5045:06 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...
MiracleLinux 8 : firefox-102.5.0-1.el8.ML.1 (AXSA:2023-4657:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4657:01 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...
MiracleLinux 8 : thunderbird-102.5.0-2.el8.ML.1 (AXSA:2023-4654:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4654:01 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...
CVE-2010-0386
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...
EUVD-2012-2217
Malware in sbrugna...
EUVD-2007-3000
Malware in sbrugna...
EUVD-2010-0417
Malware in sbrugna...
EUVD-2018-0561
Malware in sbrugna...
EUVD-2004-2312
Malware in sbrugna...
EUVD-2018-14357
Malware in sbrugna...
EUVD-2004-2753
Malware in sbrugna...
EUVD-2008-7209
Malware in sbrugna...
EUVD-2022-48283
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-11039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Framework versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions allow web applications to change the HTTP request...
Linux Distros Unpatched Vulnerability : CVE-2022-45411
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies...
USN-7663-1 thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...