Lucene search
K

78 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2020-0352)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.1AI score0.01378EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.23 views

Mozilla Firefox Security Advisory (MFSA2020-36) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

8.8CVSS7.2AI score0.01631EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.31 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0172)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger obje...

9.8CVSS8.3AI score0.42327EPSS
Exploits5References55
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2020:2563-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.9AI score0.02716EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2020:2544-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.8AI score0.02716EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.30 views

CentOS 8 : thunderbird (CESA-2020:3634)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:3634 advisory. - Mozilla: Attacker-induced prompt for extension installation CVE-2020-15664 - Mozilla: Use-After-Free when aborting an operation CVE-2020-15669 Note...

8.8CVSS7.8AI score0.01378EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/11/18 12:0 a.m.22 views

RHEL 8 : thunderbird (RHSA-2020:3633)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3633 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.12.0. Security Fixes: Mozilla:...

8.8CVSS7.9AI score0.01378EPSS
Exploits0References6
OSV
OSV
added 2020/10/01 7:15 p.m.2 views

DEBIAN-CVE-2020-15664

By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...

6.5CVSS7.2AI score0.01378EPSS
Exploits0References1
OSV
OSV
added 2020/10/01 7:15 p.m.5 views

CVE-2020-15664

By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...

6.5CVSS7.8AI score
Exploits0References7
CVE
CVE
added 2020/10/01 6:43 p.m.325 views

CVE-2020-15664

The CVE-2020-15664 issue arises from a malicious page holding a reference to eval() from an about:blank window, allowing access to InstallTrigger and prompting users to install an extension. Affected products include Firefox < 80, Thunderbird < 78.2/68.12, Firefox ESR < 68.12/78.2, and F...

6.5CVSS6.7AI score0.01378EPSS
Exploits0References7Affected Software3
Debian CVE
Debian CVE
added 2020/10/01 6:43 p.m.38 views

CVE-2020-15664

By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...

6.5CVSS8AI score0.01378EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/10/01 12:0 a.m.33 views

Amazon Linux 2 : thunderbird (ALAS-2020-1496)

The version of thunderbird installed on the remote host is prior to 68.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1496 advisory. By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access...

8.8CVSS8.1AI score0.01378EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/27 9:9 a.m.29 views

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.12.0 ESR + CVE-2020-15664) hava affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.2.0

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-15664, CVE-2020-15663, CVE-2020-15669 Vulnerability Details CVEID: CVE-2020-15664 DESCRIPTION: Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by an attacker induced prompt...

9.3CVSS3AI score0.02716EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/09/17 12:0 a.m.19 views

Oracle Linux 7 : thunderbird (ELSA-2020-3631)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-3631 advisory. 68.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Build with rust-toolset 1.43 68.12.0-1 - Update...

8.8CVSS7.9AI score0.01378EPSS
Exploits0References3
Cent OS
Cent OS
added 2020/09/14 2:38 p.m.99 views

thunderbird security update

CentOS Errata and Security Advisory CESA-2020:3643 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.8CVSS6.9AI score0.01378EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/09/14 12:0 a.m.33 views

Slackware 14.2 / current : mozilla-thunderbird (SSA:2020-256-01)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-256-01. The text itself is copyright C Slackware Linu...

9.3CVSS8.4AI score0.02716EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/09/14 12:0 a.m.37 views

CentOS 7 : thunderbird (RHSA-2020:3631)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3631 advisory. - By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object whi...

8.8CVSS8.1AI score0.01378EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/09/11 12:0 a.m.37 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2020-1392)

This update for MozillaThunderbird fixes the following issues : - Mozilla Thunderbird was updated to 68.12 bsc1175686 - CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege - CVE-2020-15664: Attacker-induced prompt for extension...

9.3CVSS7.7AI score0.02716EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/09/11 12:0 a.m.40 views

openSUSE Security Update : MozillaFirefox (openSUSE-2020-1391)

This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.2.0 ESR - Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 - CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Servic...

9.3CVSS7.6AI score0.02716EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/09/09 12:0 a.m.21 views

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20200908)

Security Fixes : - Mozilla: Attacker-induced prompt for extension installation CVE-2020-15664 - Mozilla: Use-After-Free when aborting an operation CVE-2020-15669 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid140441;...

8.8CVSS7.7AI score0.01378EPSS
Exploits0References3
Rows per page
Query Builder