Lucene search
+L

44 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : thunderbird-91.10.0-1.el8.ML.1 (AXSA:2022-3742:09)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3742:09 advisory. Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email CVE-2022-1834 Mozilla: Cross-Origin resource...

9.8CVSS8.6AI score0.01055EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : firefox-91.10.0-1.0.1.el7.AXS7 (AXSA:2022-3202:14)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3202:14 advisory. Mozilla: Cross-Origin resource's length leaked CVE-2022-31736 Mozilla: Heap buffer overflow in WebGL CVE-2022-31737 Mozilla: Browser window spoof...

9.8CVSS8.6AI score0.01055EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.23 views

Amazon Linux 2 : firefox (ALASFIREFOX-2023-011)

The version of firefox installed on the remote host is prior to 91.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-011 advisory. 2024-04-25: CVE-2022-29913 was added to this advisory. The parent process would not properly check whether the...

9.8CVSS8.1AI score0.01055EPSS
Exploits0References18
OSV
OSV
added 2022/12/22 8:15 p.m.6 views

CVE-2022-31742

An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affec...

6.5CVSS8.8AI score
Exploits0References4
CVE
CVE
added 2022/12/22 12:0 a.m.215 views

CVE-2022-31742

CVE-2022-31742 describes a timing-attack flaw in WebAuthn: an attacker could send many allowCredential entries and distinguish valid vs invalid key handles, enabling cross-origin account linking. Affected products in the provided records are Thunderbird < 91.10, Firefox < 101, and Firefox ESR

6.5CVSS7.2AI score0.00594EPSS
Exploits0References4Affected Software3
Vulnrichment
Vulnrichment
added 2022/12/22 12:0 a.m.6 views

CVE-2022-31742

An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affec...

5.9AI score0.00594EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.23 views

AlmaLinux 9 : thunderbird (ALSA-2022:4892)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:4892 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

9.8CVSS7.8AI score0.01055EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2022/08/03 12:0 a.m.22 views

CentOS: Security Advisory for firefox (CESA-2022:4870)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.5AI score0.01055EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/03 12:0 a.m.19 views

CentOS: Security Advisory for thunderbird (CESA-2022:4891)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.6AI score0.01055EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/08/02 12:0 a.m.46 views

CentOS 7 : firefox (RHSA-2022:4870)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4870 advisory. - A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird 91.1...

9.8CVSS8AI score0.01055EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2022/07/07 12:0 a.m.19 views

Mozilla Firefox ESR Security Advisory (MFSA2022-21) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

9.8CVSS8.2AI score0.01055EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/06/14 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:2062-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.26709EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/06/14 12:0 a.m.55 views

SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:2062-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2062-1 advisory. - An attacker could have sent a message to the parent process where the contents were used to double-index int...

9.8CVSS8.6AI score0.26709EPSS
Exploits0References25
OpenVAS
OpenVAS
added 2022/06/14 12:0 a.m.23 views

openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2022:2062-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.4AI score0.26709EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/06/06 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2022-0220)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.01055EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/06/06 12:0 a.m.44 views

Oracle Linux 8 : thunderbird (ELSA-2022-4887)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-4887 advisory. 91.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.10.0-1 - Update to 91.10.0 build1 Tenable has...

9.8CVSS7.8AI score0.01055EPSS
Exploits0References9
Mageia
Mageia
added 2022/06/04 8:25 p.m.46 views

Updated firefox/nss/nspr packages fix security vulnerability

A malicious website could have learned the size of a cross-origin resource that supported Range requests CVE-2022-31736. A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash CVE-2022-31737. When exiting fullscreen...

9.8CVSS0.7AI score0.01055EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/06/04 12:0 a.m.19 views

Debian: Security Advisory (DLA-3041-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.26709EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/06/04 12:0 a.m.19 views

Debian: Security Advisory (DLA-3040-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.01055EPSS
Exploits0References4
Debian
Debian
added 2022/06/03 4:36 p.m.45 views

[SECURITY] [DLA 3040-1] firefox-esr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3040-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 03, 2022 https://wiki.debian.org/LTS -...

9.8CVSS9.4AI score0.01055EPSS
Exploits0
Rows per page
Query Builder