Linux Distros Unpatched Vulnerability : CVE-2025-4082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate...

Mozilla Thunderbird < 17.0.6

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 17.0.6. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-42 advisory. - Call content level constructor as if from a chrome/privileged pageCVE-2013-1670 CVE-2013-1670 Note that Nessus h...

Mozilla Thunderbird ESR < 128.10

The version of Thunderbird ESR installed on the remote macOS or Mac OS X host is prior to 128.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-32 advisory. - Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128....

Code injection

When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This...