Lucene search
+L

56 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-25728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a...

6.5CVSS7.6AI score0.00672EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.24 views

openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2023:0461-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.00817EPSS
Exploits1References2
Circl
Circl
added 2023/06/02 8:36 p.m.5 views

CVE-2023-25728

creationtimestamp| type| source ---|---|--- 2023-06-02 20:36:49+00:00| seen| https://t.me/cibsecurity/64908...

6.5CVSS6.8AI score0.00672EPSS
Exploits0References1
OSV
OSV
added 2023/06/02 5:15 p.m.8 views

CVE-2023-25728

The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

6.5CVSS7.8AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/06/02 12:0 a.m.7 views

CVE-2023-25728

The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

6AI score0.00672EPSS
Exploits0References4
CVE
CVE
added 2023/06/02 12:0 a.m.197 views

CVE-2023-25728

The CVE-2023-25728 entry describes a CSP-Report-Only header issue where an attacker could leak a child iframe’s unredacted URI during a redirect, affecting Firefox < 110, Thunderbird < 102.8, and Firefox ESR

6.5CVSS6.5AI score0.00672EPSS
Exploits0References4Affected Software3
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2023:0466-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.00817EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2023-0057)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.00817EPSS
Exploits0References5
ALT Linux
ALT Linux
added 2023/03/15 12:0 a.m.39 views

Security fix for the ALT Linux 10 package firefox-esr version 102.8.0-alt1

102.8.0-alt1 built March 15, 2023 Pavel Vasenkov in task 316239 March 3, 2023 Pavel Vasenkov - New ESR version. - Security fixes + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary...

8.5AI score0.00817EPSS
Exploits1
ALT Linux
ALT Linux
added 2023/03/10 12:0 a.m.166 views

Security fix for the ALT Linux 10 package thunderbird version 102.8.0-alt1

102.8.0-alt1 built March 10, 2023 Pavel Vasenkov in task 316084 Feb. 28, 2023 Pavel Vasenkov - New version. - Security fixes: + CVE-2023-0616 User Interface lockup with messages combining S/MIME and OpenPGP + CVE-2023-25728 Content security policy leak in violation reports using iframes +...

8.2AI score0.00817EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/03/03 12:0 a.m.38 views

Mozilla Firefox Security Advisories (MFSA2023-04, MFSA2023-06) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8CVSS8.4AI score0.00817EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2023/03/03 12:0 a.m.39 views

SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2023:0599-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0599-1 advisory. Updated Mozilla Thunderbird to version 102.8.0 bsc1208144: - CVE-2023-0616: Fixed User Interface...

8.8CVSS6.9AI score0.00817EPSS
Exploits1References28
OpenVAS
OpenVAS
added 2023/03/02 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-5880-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.00817EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/02/23 12:0 a.m.33 views

AlmaLinux 9 : thunderbird (ALSA-2023:0824)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:0824 advisory. - Mozilla: User Interface lockup with messages combining S/MIME and OpenPGP CVE-2023-0616 - An attacker could construct a PKCS 12 cert bundle in such a wa...

8.8CVSS7.8AI score0.00817EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2023/02/23 12:0 a.m.27 views

CentOS: Security Advisory for firefox (CESA-2023:0812)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.5AI score0.00817EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/02/23 12:0 a.m.21 views

CentOS: Security Advisory for thunderbird (CESA-2023:0817)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.5AI score0.00817EPSS
Exploits0References2
Cent OS
Cent OS
added 2023/02/22 5:48 p.m.55 views

thunderbird security update

CentOS Errata and Security Advisory CESA-2023:0817 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.8CVSS6.9AI score0.00817EPSS
Exploits0References7
OSV
OSV
added 2023/02/22 1:9 a.m.36 views

RLSA-2023:0810 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Security Fixes: Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation...

7.5CVSS8.6AI score0.00817EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.33 views

Rocky Linux 9 : thunderbird (RLSA-2023:0824)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0824 advisory. - Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory...

8.8CVSS7.8AI score0.00817EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.47 views

CentOS 7 : firefox (RHSA-2023:0812)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0812 advisory. - The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe...

8.8CVSS7.8AI score0.00737EPSS
Exploits0References12
Rows per page
Query Builder