10 matches found
EUVD-2005-3970
Malware in sbrugna...
EUVD-2023-33084
Malicious code in bioql PyPI...
CVE-2025-32035 DNN does not check the contents of a file when uploading files
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to 9.13.2, when uploading files e.g. when uploading assets, the file extension is checked to see if it's an allowed file type but the actual contents of the file aren't checked. This...
CVE-2024-13311 Allow All File Extensions for file fields - Critical - Unsupported - SA-CONTRIB-2024-075
Vulnerability in Drupal Allow All File Extensions for file fields.This issue affects Allow All File Extensions for file fields:...
Design/Logic Flaw
A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. This bug only affects Firefox and Thunderbird on Windows. Other versions...
CVE-2023-29542
Technical details for CVE-2023-29542 are not publicly disclosed in the provided documents. No affected products, root cause, or mitigation are specified here. Monitor for updates from the sources to obtain concrete information.
CVE-2023-29542
A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. This bug only affects Firefox and Thunderbird on Windows. Other versions...
CVE-2023-29542
A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. This bug only affects Firefox and Thunderbird on Windows. Other versions...
CVE-2023-29542
A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. This bug only affects Firefox and Thunderbird on Windows. Other versions...
Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2023-102-01)
The version of mozilla-thunderbird installed on the remote host is prior to 102.10.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-102-01 advisory. - OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and...