37 matches found
CVE-2026-47272
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...
CVE-2026-31549
In the Linux kernel, the following vulnerability has been resolved: i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the string exists. Verify that the device has a serial number before...
MiracleLinux 9 : thunderbird-102.4.0-1.el9.ML.1 (AXSA:2022-4248:24)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4248:24 advisory. Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators CVE-2022-39249 Mozilla: Matrix...
MiracleLinux 8 : thunderbird-102.4.0-1.el8.ML.1 (AXSA:2022-3945:15)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3945:15 advisory. Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators CVE-2022-39249 Mozilla: Matrix...
CVE-2025-21004
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device...
CVE-2023-7004
The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, which compromises the legitimate locks integrity...
CVE-2023-7004 CVE-2023-7004
The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, which compromises the legitimate locks integrity...
CVE-2023-7004 CVE-2023-7004
The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, which compromises the legitimate locks integrity...
CVE-2023-7004
CVE-2023-7004 affects the TTLock ecosystem (TTLock App and related Sciener firmware) with a root cause of insufficient verification to prove device identity, enabling a device that spoofs a lock’s MAC address to connect and compromise the unlockKey, affecting lock integrity. Reported by multiple ...
WhatsApp introduces new security features
WhatsApp has announced several new security features which include an extra check when an account is transferred to a new device. This check asks that users confirm the transfer on their old device. This should warn users in case there is a transfer in progress started by somebody trying to hijac...
WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take...
WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take...
Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack
A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could interfere with cross-device verification to authenticate their own device...
Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack
A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could interfere with cross-device verification to authenticate their own device...
Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack
A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could interfere with cross-device verification to authenticate their own device...
Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack
A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could interfere with cross-device verification to authenticate their own device...
Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack
A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could interfere with cross-device verification to authenticate their own device...
Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack
A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could interfere with cross-device verification to authenticate their own device...
RHEL 8 : thunderbird (RHSA-2022:7183)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7183 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...
RHEL 9 : thunderbird (RHSA-2022:7178)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7178 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...