5458 matches found
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
Moderate: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
Moderate: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
Mozilla: Leaking of encrypted email subjects to other conversations
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...
ALSA-2024:1493 Moderate: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fixes: nss: timing attack against RSA decryption CVE-2023-5388 Mozilla: Crash in NSS TLS method CVE-2024-0743 Mozilla: Leaking of encrypted email subjects to other...
Moderate: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fixes: nss: timing attack against RSA decryption CVE-2023-5388 Mozilla: Crash in NSS TLS method CVE-2024-0743 Mozilla: Leaking of encrypted email subjects to other...
[SECURITY] [DLA 3769-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3769-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 23, 2024 https://wiki.debian.org/LTS -...
Decryption Failure
ilicmiljan/secure-props is vulnerable to Decryption Failure. The vulnerability due to a regex which fails to detect tags during the decryption of encrypted data encoded with the NullEncoder and contains special characters such as \n. When this encrypted data is passed to the TagAwareCipher, the...
The vulnerability of Mozilla Thunderbird’s email client, related to errors in assigning encrypted email subjects to arbitrary other emails in the local cache, allows attackers to gain access to confidential information.
The vulnerability of Mozilla Thunderbird’s email client stems from errors in assigning the encrypted subject of an email to any other electronic message in the local cache. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...
kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client
An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...
SecureProps Security Vulnerabilities
SecureProps is a PHP library designed to simplify the encryption and decryption of property data in objects. A security vulnerability exists in SecureProps versions 1.2.0 and 1.2.1, which stems from the inability of regular expressions to detect tags during the decryption of encrypted data, which...
Low: thunderbird
Issue Overview: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a...
CVE-2024-2495
Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16.51b3d35. This vulnerability could allow an attacker to compromise the confidentiality and integrity of encrypted data...
CVE-2024-2495 Cryptographic key in plain text vulnerability in FriendlyElec's FriendlyWrt
Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16.51b3d35. This vulnerability could allow an attacker to compromise the confidentiality and integrity of encrypted data...
CVE-2024-2495 Cryptographic key in plain text vulnerability in FriendlyElec's FriendlyWrt
Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16.51b3d35. This vulnerability could allow an attacker to compromise the confidentiality and integrity of encrypted data...