CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

161 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в thunderbird

If a Thunderbird user has previously imported Alice’s OpenPGP key, and Alice has extended the validity period of her key, but Alice’s updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice’s key with an invalid subkey. In this case, Thunderbird...

6.8CVSS6.9AI score0.00204EPSS

Exploits1References1

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 8 : thunderbird-78.9.1-1.0.1.el8 (AXSA:2021-1686:06)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1686:06 advisory. Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key CVE-2021-23991 Mozilla: A crafted OpenPGP key wit...

6.8CVSS8.4AI score0.00204EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2016-7738

Malware in sbrugna...

6.1CVSS6.2AI score0.00768EPSS

Exploits5References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-18529

Malware in sbrugna...

4.3CVSS4.9AI score0.0026EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-29930

Malicious code in bioql PyPI...

9.8CVSS7.9AI score0.00662EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-21193

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00186EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:50 a.m.•4 views

CVE-2024-23737

Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...

5.4CVSS7.1AI score0.00186EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:50 a.m.•1 views

CVE-2024-23736

Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...

8.8CVSS7.1AI score0.00265EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 1:20 a.m.•4 views

CVE-2010-4764

Open Ticket Request System OTRS before 2.4.10, and 3.x before 3.0.3, does not present warnings about incoming encrypted e-mail messages that were based on revoked PGP or GPG keys, which makes it easier for remote attackers to spoof e-mail communication by leveraging a key that has a revocation...

5CVSS6.9AI score0.00302EPSS

Exploits0References1

CNNVD•added 2025/03/10 12:0 a.m.•1 views

Mozilla Thunderbird 安全漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. A code issue vulnerability exists in Mozilla Thunderbird versions prior to 136 and prior ...

5.3CVSS6.8AI score0.00049EPSS

Exploits0References5

OSV•added 2024/07/01 10:15 p.m.•1 views

CVE-2024-23737

5.4CVSS5.8AI score0.00186EPSS

Exploits0References1

NVD•added 2024/07/01 10:15 p.m.•23 views

CVE-2024-23737

5.4CVSS0.00186EPSS

Exploits0References1

NVD•added 2024/07/01 10:15 p.m.•13 views

CVE-2024-23736

Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...

8.8CVSS0.00265EPSS

Exploits0References1

CVE•added 2024/07/01 12:0 a.m.•43 views

CVE-2024-23736

The CVE-2024-23736 entry concerns the savignano S/Notify product for Confluence, affected versions prior to 4.0.2. The vulnerability is a Cross-Site Request Forgery (CSRF) that enables an attacker to manipulate a user’s S/MIME certificate or PGP key via a malicious link or email. The root cause i...

8.8CVSS7.1AI score0.00265EPSS

Exploits0References1

Vulnrichment•added 2024/07/01 12:0 a.m.•15 views

CVE-2024-23737

7AI score0.00186EPSS

Exploits0References1

Vulnrichment•added 2024/07/01 12:0 a.m.•8 views

CVE-2024-23736

Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...

7AI score0.00265EPSS

Exploits0References1

Cvelist•added 2024/07/01 12:0 a.m.•11 views

CVE-2024-23736

Cross Site Request Forgery CSRF vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email...

0.00265EPSS

Exploits0References1

Positive Technologies•added 2024/07/01 12:0 a.m.•2 views

PT-2024-20046 · Savignano · S/Notify

Name of the Vulnerable Software and Affected Versions: savignano S/Notify versions prior to 4.0.2 for Jira Description: A Cross Site Request Forgery CSRF issue allows attackers to manipulate a user's S/MIME certificate or PGP key via a malicious link or email. Recommendations: For versions prior ...

5.4CVSS7AI score0.00186EPSS

Exploits0References3

Cvelist•added 2024/07/01 12:0 a.m.•21 views

CVE-2024-23737

0.00186EPSS

Exploits0References1

CVE•added 2024/07/01 12:0 a.m.•57 views

CVE-2024-23737

CVE-2024-23737 describes a CSRF vulnerability in Savignano S/Notify prior to 4.0.2 for Jira that can allow manipulation of a user’s S/MIME certificate or PGP key via a malicious link or email. Affected software: Savignano S/Notify before 4.0.2 for Jira. Root cause: CSRF leading to unintended cert...

5.4CVSS7.1AI score0.00186EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by