Lucene search
K

72 matches found

nessus
nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : thunderbird-102.6.0-2.el9.ML.1 (AXSA:2023-5063:07)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5063:07 advisory. Mozilla: Arbitrary file read from a compromised content process CVE-2022-46872 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbir...

9.8CVSS8.5AI score0.00921EPSS
Exploits0References8
nessus
nessus
added 2025/08/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-46872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.This bug only...

8.6CVSS8.1AI score0.00772EPSS
Exploits0References2
nessus
nessus
added 2023/09/27 12:0 a.m.25 views

Amazon Linux 2 : firefox (ALASFIREFOX-2023-008)

The version of firefox installed on the remote host is prior to 102.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-008 advisory. The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process cou...

9.8CVSS8.4AI score0.00921EPSS
Exploits0References14
nessus
nessus
added 2023/05/03 12:0 a.m.22 views

GLSA-202305-06 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-06 Mozilla Firefox: Multiple Vulnerabilities - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox This bug only affects Thunderbird for Linux...

9.8CVSS8.5AI score0.00921EPSS
Exploits0References24
susecve
susecve
added 2023/02/15 3:22 a.m.4 views

SUSE CVE-2022-46872

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...

8.6CVSS7.8AI score0.00772EPSS
Exploits0References8
nessus
nessus
added 2023/01/14 12:0 a.m.24 views

Rocky Linux 8 : firefox (RLSA-2022:9067)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:9067 advisory. - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox This bug only affects...

9.8CVSS8.4AI score0.00921EPSS
Exploits0References13
openvas
openvas
added 2023/01/11 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-5782-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.00892EPSS
Exploits0References3
ubuntu
ubuntu
added 2023/01/10 6:37 a.m.73 views

USN-5782-3: Firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

8.3AI score
Exploits0References1
osv
osv
added 2023/01/05 1:30 p.m.12 views

USN-5782-2 firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

6.1AI score
Exploits0References2
altlinux
altlinux
added 2022/12/23 12:0 a.m.108 views

Security fix for the ALT Linux 10 package thunderbird version 102.6.0-alt1

102.6.0-alt1 built Dec. 23, 2022 Pavel Vasenkov in task 311857 Dec. 16, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-4687...

9.3AI score0.00921EPSS
Exploits0
osv
osv
added 2022/12/22 8:15 p.m.2 views

DEBIAN-CVE-2022-46872

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...

8.6CVSS8.6AI score0.00772EPSS
Exploits0References1
osv
osv
added 2022/12/22 8:15 p.m.7 views

CVE-2022-46872

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...

8.6CVSS8.7AI score
Exploits0References6
cve
cve
added 2022/12/22 12:0 a.m.282 views

CVE-2022-46872

CVE-2022-46872 describes an attacker who compromised a Thunderbird content process on Linux could partially escape the sandbox and read arbitrary files via clipboard-related IPC messages. Publicly cited texts indicate the vulnerability affects Firefox <108, Firefox ESR <102.6, and Thunderbird

8.6CVSS8.5AI score0.00772EPSS
Exploits0References6Affected Software2
alpinelinux
alpinelinux
added 2022/12/22 12:0 a.m.32 views

CVE-2022-46872

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...

8.6CVSS8.8AI score0.00772EPSS
Exploits0
nessus
nessus
added 2022/12/21 12:0 a.m.39 views

SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2022:4579-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4579-1 advisory. Update to version 102.6 bsc1206242: - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872:...

9.8CVSS6.9AI score0.00921EPSS
Exploits0References16
openvas
openvas
added 2022/12/21 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2022:4579-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.00921EPSS
Exploits0References2
openvas
openvas
added 2022/12/19 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2022-0476)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.5AI score0.00921EPSS
Exploits0References3
openvas
openvas
added 2022/12/18 12:0 a.m.26 views

Debian: Security Advisory (DSA-5303-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.00921EPSS
Exploits0References4
mageia
mageia
added 2022/12/17 8:37 p.m.65 views

Updated firefox packages fix security vulnerability

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages CVE-2022-46872. A drag-and-dropped file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious...

9.8CVSS1.7AI score0.00921EPSS
Exploits0References4
openvas
openvas
added 2022/12/16 12:0 a.m.21 views

Debian: Security Advisory (DLA-3241-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.00921EPSS
Exploits0References4
Rows per page
Query Builder