14 matches found
Astra Linux - уязвимость в thunderbird
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will...
EUVD-2021-16415
Malware in sbrugna...
CVE-2025-59339 The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script
The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...
SUSE-SU-2025:0849-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 128.8 MFSA 2025-18 bsc1237683: - CVE-2024-43097: Overflow when growing an SkRegion's RunArray - CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process - CVE-2025-1931:...
Mozilla Thunderbird Code Issue Vulnerability
Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. A code issue vulnerability exists in Mozilla Thunderbird versions prior to 136 and prior ...
SUSE CVE-2021-29956
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will...
rpm: RPM does not require subkeys to have a valid binding signature
There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature."1 RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey t...
ROS-2-813
2.813 Multiple vulnerabilities in Mozilla Thunderbird Mozilla Firefox CVE-2021-23953-CVE-2021-23965, CVE-2021-23991-CVE-2021-23993 1. Vulnerability Description: The vulnerability allows a remote attacker to gain access to potentially sensitive information. Vulnerability allows a remote attacker t...
CVE-2021-29956
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will...
DEBIAN-CVE-2021-29956
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will...
SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2021:1854-1)
"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1854-1 advisory. - Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a...
Oracle Linux 8 : thunderbird (ELSA-2021-2264)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-2264 advisory. 78.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.11.0-1 - Update to 78.11.0 build1 Tenable has...
openSUSE Security Update : Mozilla Suite (openSUSE-SU-2013:1633-1)
MozillaFirefox was updated to Firefox 25.0. MozillaThunderbird was updated to Thunderbird 24.1.0. Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1. Changes in MozillaFirefox : - requires NSS 3.15.2 or above - MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592...
Debian: Security Advisory (DSA-1779-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...