Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:11 p.m.9 views

CVE-2018-18513

A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service DOS attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird 60.5...

7.5CVSS6.4AI score0.0132EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-10238

Malware in sbrugna...

7.5CVSS8.3AI score0.0132EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-7227

Malware in sbrugna...

5CVSS8.5AI score0.06989EPSS
Exploits0References21
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-8913

Malware in sbrugna...

7.5CVSS7.4AI score0.05167EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-1195

Malware in sbrugna...

5CVSS8.5AI score0.06843EPSS
Exploits0References35
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2012-1165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mimeparamcmp function in crypto/asn1/asnmime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service NULL...

5CVSS7.8AI score0.06843EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.43 views

Oracle Linux 5 : openssl (ELSA-2009-1335)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1335 advisory. - fix CVE-2009-1386 CVE-2009-1387 DTLS DoS problems 503685, 503688 - fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 DTLS DoS problems 501253, 501254,...

5CVSS7.2AI score0.80134EPSS
Exploits20References8
Vulnrichment
Vulnrichment
added 2023/02/16 12:0 a.m.9 views

CVE-2021-43529

Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS...

9.8AI score0.00469EPSS
Exploits0References1
OSV
OSV
added 2021/03/05 10:42 p.m.5 views

OPENSUSE-SU-2021:0387-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.8 fixed: Importing an address book from a CSV file always reported an error fixed: Security information for S/MIME messages was not displayed correctly prior to a draft being saved fixed: Calendar: FileLink UI...

8.8CVSS7.2AI score0.0153EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/04/22 12:0 a.m.50 views

Ubuntu 16.04 LTS : Thunderbird vulnerabilities (USN-4335-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4335-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an...

9.8CVSS8.1AI score0.46589EPSS
Exploits18References40
RedhatCVE
RedhatCVE
added 2019/10/17 3:21 p.m.27 views

CVE-2019-11755

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted...

7.5CVSS2.5AI score0.01075EPSS
Exploits0References4
ALT Linux
ALT Linux
added 2019/10/13 12:0 a.m.29 views

Security fix for the ALT Linux 10 package thunderbird version 68.1.2-alt1

Oct. 13, 2019 Andrey Cherepanov 68.1.2-alt1 - New version 68.1.2. - Fixed: + CVE-2019-11739 Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message + CVE-2019-11746 Use-after-free while manipulating video + CVE-2019-11744 XSS by breaking out of title and textarea...

9.3CVSS7.3AI score0.0216EPSS
Exploits1
Prion
Prion
added 2019/09/27 6:15 p.m.23 views

Code injection

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted...

5CVSS7AI score0.01075EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2019/09/27 5:10 p.m.29 views

CVE-2019-11755

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted...

7.5CVSS8.3AI score0.01075EPSS
Exploits0
Cvelist
Cvelist
added 2019/09/27 5:10 p.m.23 views

CVE-2019-11755

A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted...

7.5AI score0.01075EPSS
Exploits0References9
Prion
Prion
added 2019/04/26 5:29 p.m.24 views

Code injection

A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service DOS attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird 60.5...

5CVSS7.5AI score0.0132EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2014/12/01 3:59 p.m.8 views

CVE-2014-9087

Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...

6.5AI score
Exploits0References13
UbuntuCve
UbuntuCve
added 2014/11/26 12:0 a.m.25 views

CVE-2014-9087

Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...

7.5CVSS7.5AI score0.05167EPSS
Exploits0References4
OSV
OSV
added 2014/11/26 12:0 a.m.3 views

UBUNTU-CVE-2014-9087

Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...

7.5CVSS7.6AI score0.05167EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2014/06/19 12:0 a.m.40 views

SOL15349 - OpenSSL 0.9.8t Denial of Service via S/MIME msg vulnerability CVE-2006-7250

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS3.7AI score0.06989EPSS
Exploits0References5
Rows per page
Query Builder