CVE-2026-29138 PGP Decryption Sender LDAP Injection

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own...

CVE-2026-29131

SEPPmail Secure Email Gateway is affected for versions before 15.0.3. CVE-2026-29131 describes an issue where an attacker, by sending a specially crafted email address, can read the contents of emails encrypted for other users. This vulnerability impacts confidentiality. The available documents d...

AVideo has Unauthenticated PGP Message Decryption via Public Endpoint

Summary The AVideo platform exposes a publicly accessible endpoint that performs server-side PGP decryption without requiring any form of authentication. Any anonymous user can submit a private key, ciphertext, and passphrase to the endpoint and receive the decrypted plaintext in the JSON respons...

SUSE-SU-2026:20906-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: - Update to version 17.9. bsc1258754 - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector bsc1258008 - CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data type...

CLSA-2026-1773160910 postgresql: Fix of 3 CVEs

CVE-2026-2004: require superuser to install non-built-in selectivity estimators and harden intarray intmatchsel against wrong operator type - CVE-2026-2005: fix heap buffer overflow in pgcrypto PGP public-key decryption by validating session key length - CVE-2026-2006: fix multibyte character...

OESA-2026-1539 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were render...

SUSE-SU-2026:0768-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to...

SUSE-SU-2026:0615-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Update to version 15.16. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

Mageia: Security Advisory (MGASA-2018-0321)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : Mozilla Thunderbird (openSUSE-2019-503)

This update for Mozilla Thunderbird to version 52.9.0 fixes multiple issues. Security issues fixed, inherited from the Mozilla common code base MFSA 2018-16, bsc1098998 : - CVE-2018-12359: Buffer overflow using computed size of canvas element - CVE-2018-12360: Use-after-free when using focus -...

SUSE-SU-2018:2174-1 Security update for Mozilla Thunderbird

This update for Mozilla Thunderbird to version 52.9.1 fixes multiple issues. Security issues fixed, inherited from the Mozilla common code base MFSA 2018-16, bsc1098998: - CVE-2018-12359: Buffer overflow using computed size of canvas element - CVE-2018-12360: Use-after-free when using focus -...

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20180725)

This update upgrades Thunderbird to version 52.9.1. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 CVE-2018-5188 - Mozilla: Buffer overflow using computed size of canvas element CVE-2018-12359 - Mozilla: Use-after-free using focus...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20180725)

This update upgrades Thunderbird to version 52.9.1. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 CVE-2018-5188 - Mozilla: Buffer overflow using computed size of canvas element CVE-2018-12359 - Mozilla: Use-after-free using focus...

RHEL 7 : thunderbird (RHSA-2018:2252)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2252 advisory. - Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 CVE-2018-5188 - Mozilla: Buffer overflow using...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Updated thunderbird packages fix security vulnerabilities

The updated packages fix several bugs and some security issues: Buffer overflow using computed size of canvas element. CVE-2018-12359 Use-after-free when using focus. CVE-2018-12360 S/MIME and PGP decryption oracles can be built with HTML emails. CVE-2018-12372 S/MIME plaintext can be leaked...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-3714-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3714-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a...

USN-3714-1 thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass CORS restrictions, obtain sensitive information, or execute arbitrary...

openSUSE Security Update : Mozilla Thunderbird (openSUSE-2018-701)

This update for Mozilla Thunderbird to version 52.9.0 fixes multiple issues. Security issues fixed, inherited from the Mozilla common code base MFSA 2018-16, bsc1098998 : - CVE-2018-12359: Buffer overflow using computed size of canvas element - CVE-2018-12360: Use-after-free when using focus -...

Security update for Mozilla Thunderbird (moderate)

This update for Mozilla Thunderbird to version 52.9.0 fixes multiple issues. Security issues fixed, inherited from the Mozilla common code base MFSA 2018-16, bsc1098998: - CVE-2018-12359: Buffer overflow using computed size of canvas element - CVE-2018-12360: Use-after-free when using focus -...