36 matches found
EUVD-2015-5830
Malware in sbrugna...
EUVD-2000-1123
Malware in sbrugna...
CVE-2025-26842
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog...
CVE-2025-26842
Znuny up to version 7.1.3 contains an information-disclosure vulnerability where, if ticket access is not enforced, the content of S/MIME encrypted emails becomes visible to users who can access the CommunicationLog. Root cause is improper access control. Impact is exposure of potentially sensiti...
CVE-2025-2545
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...
CVE-2025-26696
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted...
CVE-2025-26696
Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. This vulnerability was fixed in Thunderbird 136 and Thunderbird 128.8...
CVE-2025-26696 Crafted email message incorrectly shown as being encrypted
Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. This vulnerability was fixed in Thunderbird 136 and Thunderbird 128.8...
CVE-2025-26696
CVE-2025-26696 affects Mozilla Thunderbird and is triggered by certain crafted MIME messages that claim to contain an encrypted OpenPGP message but actually contain an OpenPGP signed message, causing the UI to mis-display the content as encrypted. Public references in connected documents corrobor...
CVE-2025-26696
Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. This vulnerability was fixed in Thunderbird 136 and Thunderbird 128.8...
Mozilla Thunderbird < 128.8
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-18 advisory. - Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. So...
MGASA-2024-0212 Updated amavisd-new packages fix security vulnerability
Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...
Moderate: Red Hat Security Advisory: mutt security update
An update for mutt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Fedora 38 : amavis (2024-1d87055861)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1d87055861 advisory. Update to version 2.13.1 Fix CVE-2024-28054 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...
CVE-2024-28054
Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...
CVE-2024-28054
Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...
Ubuntu: Security Advisory (USN-6563-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : thunderbird (ELSA-2024-0027)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0027 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.6.0-1 - Update to...
RHEL 8 : thunderbird (RHSA-2024:0003)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0003 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...
CVE-2023-50761
The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be...