Lucene search
K

31 matches found

OSV
OSV
added 2026/04/16 12:0 a.m.7 views

ALSA-2026:8468 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK SDKVERSION and .NET Runtime...

7.5CVSS6.3AI score0.02279EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/04/15 10:48 a.m.5 views

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

8.2CVSS7.2AI score0.0036EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/15 10:46 a.m.6 views

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

8.2CVSS7.2AI score0.0036EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/04/01 8:49 a.m.3 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.9 MFSA 2026-24, bsc1260083: CVE-2026-3889: Spoofing issue in Thunderbird CVE-2026-4371: Out of bounds read in IMAP parsing CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender...

8.8CVSS6.4AI score0.01279EPSS
Exploits1References82
Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.2 views

Mozilla Thunderbird < 149.0

The version of Thunderbird installed on the remote Windows host is prior to 149.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-23 advisory. - Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox 149 a...

10CVSS6.6AI score0.01279EPSS
Exploits1References49
Mageia
Mageia
added 2025/11/04 4:13 p.m.17 views

Updated golang packages fix security vulnerabilities

Insufficient validation of bracketed IPv6 hostnames in net/url. CVE-2025-47912 Unbounded allocation when parsing GNU sparse map in archive/tar. CVE-2025-58183 Parsing DER payload can cause memory exhaustion in encoding/asn1. CVE-2025-58185 Lack of limit when parsing cookies can cause memory...

7.5CVSS6.8AI score0.00626EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/10/31 1:5 a.m.3 views

Excessive CPU consumption in ParseAddress in net/mail

...

7.5CVSS7AI score0.00613EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-3947

Malware in sbrugna...

7.8CVSS8.5AI score0.05076EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-52785

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00388EPSS
Exploits0References3
OSV
OSV
added 2024/11/14 5:26 p.m.14 views

USN-7111-1 golang-1.17 vulnerabilities

Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. CVE-2022-41723 Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this...

8.1CVSS6.9AI score0.91969EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2024/05/22 9:51 a.m.1 views

python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...

5.3CVSS6.7AI score0.02507EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2024/03/07 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2024:0782-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.34174EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2024/01/30 12:0 a.m.44 views

RHEL 8 : python3 (RHSA-2024:0586)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0586 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

7.5CVSS7.2AI score0.02507EPSS
Exploits3References9
NVD
NVD
added 2023/07/27 7:15 p.m.16 views

CVE-2022-31200

Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...

6.1CVSS6AI score0.00388EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/14 12:0 a.m.2 views

Mozilla Thunderbird 资源管理错误漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP and POP mail protocols as well as HTML mail format. A security vulnerability exists in Mozilla Thunderbird due to improper memory...

5.3CVSS7.3AI score0.00901EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.2 views

SUSE CVE-2019-15961

A vulnerability in the email parsing module Clam AntiVirus ClamAV Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in...

7.5CVSS9.2AI score0.03135EPSS
Exploits1References13
OSV
OSV
added 2020/12/27 2:15 a.m.2 views

CVE-2020-7845

Spamsniper 5.0 5.2.7 contain a stack-based buffer overflow vulnerability caused by improper boundary checks when parsing MAIL FROM command. It leads remote attacker to execute arbitrary code via crafted packet...

9.8CVSS7.9AI score0.0268EPSS
Exploits0References2
OSV
OSV
added 2018/01/30 5:41 p.m.4 views

USN-3550-1 clamav vulnerabilities

It was discovered that ClamAV incorrectly handled parsing certain mail messages. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-12374, CVE-2017-12375, CVE-2017-12379, CVE-2017-12380 It was discovered...

10CVSS7AI score0.12779EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2018/01/30 12:0 a.m.33 views

Fedora 27 : clamav (2018-cb339851e7)

ClamAV 0.99.3 ============= This release is a security release and is recommended for all ClamAV users. Please see details below : 1. ClamAV UAF use-after-free Vulnerabilities CVE-2017-12374 --------------------------------------------------------------- The ClamAV AntiVirus software versions...

10CVSS7.5AI score0.12779EPSS
Exploits7References11
OSV
OSV
added 2018/01/29 12:0 a.m.2 views

UBUNTU-CVE-2017-12375

The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail...

7.5CVSS7.1AI score0.05667EPSS
Exploits1References5
Rows per page
Query Builder