
8281 matches found

Mageia
added 2025/11/19 2:16 a.m. | 2 views

Updated thunderbird packages fix security vulnerabilities

Race condition in the Graphics component. CVE-2025-13012 Mitigation bypass in the DOM: Core & HTML component. CVE-2025-13013 CVE-2025-13014: Use-after-free in the Audio/Video component. CVE-2025-13014 Spoofing issue in Firefox. CVE-2025-13015 Incorrect boundary conditions in the JavaScript:...

8.8 CVSS | 7.1 AI score | 0.00077 EPSS
Exploits 0 | References 3
OSV
added 2025/11/19 2:16 a.m. | 3 views

MGASA-2025-0305 Updated thunderbird packages fix security vulnerabilities

Race condition in the Graphics component. CVE-2025-13012 Mitigation bypass in the DOM: Core & HTML component. CVE-2025-13013 CVE-2025-13014: Use-after-free in the Audio/Video component. CVE-2025-13014 Spoofing issue in Firefox. CVE-2025-13015 Incorrect boundary conditions in the JavaScript:...

8.8 CVSS | 6.9 AI score | 0.00077 EPSS
Exploits 0 | References 4
RedhatCVE
added 2025/11/19 12:11 a.m. | 6 views

CVE-2025-63216

The Itel DAB Gateway IDGat build c041640a is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the...

10 CVSS | 7.1 AI score | 0.00165 EPSS
Exploits 1 | References 1
Positive Technologies
added 2025/11/19 12:0 a.m. | 4 views

PT-2025-47471

Name of the Vulnerable Software and Affected Versions: Itel DAB Encoder version 25aec8d. Description: The Itel DAB Encoder IDEnc build 25aec8d has a flaw in how it verifies JSON Web Tokens (JWTs). This allows an attacker who has a valid JWT from one device to use it to gain administrative access to an...

10 CVSS | 6.7 AI score | 0.00137 EPSS
Exploits 1 | References 6
Cvelist
added 2025/11/19 12:0 a.m. | 7 views

CVE-2025-63224

The Itel DAB Encoder IDEnc build 25aec8d is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the...

0.00137 EPSS
Exploits 1 | References 2
CVE
added 2025/11/19 12:0 a.m. | 10 views

CVE-2025-63224

The CVE-2025-63224 entry concerns the Itel DAB Encoder (IDEnc build 25aec8d). The root cause is improper JWT validation across devices, enabling authentication bypass: an attacker with a valid JWT from one device can authenticate as an admin on any other device running the same firmware. This lea...

10 CVSS | 6.7 AI score | 0.00137 EPSS
Exploits 1 | References 2 | Affected Software 1
NVD
added 2025/11/18 10:15 p.m. | 1 views

CVE-2025-63217

The Itel DAB MUX IDMUX build c041640a is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the...

9.8 CVSS | 0.00137 EPSS
Exploits 1 | References 2
NVD
added 2025/11/18 10:15 p.m. | 1 views

CVE-2025-63216

The Itel DAB Gateway IDGat build c041640a is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the...

10 CVSS | 0.00165 EPSS
Exploits 1 | References 2
OSV
added 2025/11/18 8:15 p.m. | 2 views

CVE-2025-63226

The Sencore SMP100 SMP Media Platform (firmware versions V4.2.160, V60.1.4, V60.1.29) is vulnerable to session hijacking due to improper session management on the /UserManagement.html endpoint. Attackers who are on the same network as the victim and have access to the target's logged-in session can...

5.7 CVSS | 5.9 AI score | 0.00025 EPSS
Exploits 0 | References 2
EUVD
added 2025/11/18 12:30 p.m. | 2 views

EUVD-2025-197976

A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation...

8.8 CVSS | 5.9 AI score | 0.0002 EPSS
Exploits 0 | References 2
NVD
added 2025/11/18 12:15 p.m. | 5 views

CVE-2025-6670

A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation...

8.8 CVSS | 0.0002 EPSS
Exploits 0 | References 1
OSV
added 2025/11/18 12:15 p.m. | 4 views

CVE-2025-6670

A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation...

8.8 CVSS | 6.3 AI score
Exploits 0 | References 1
CVE
added 2025/11/18 12:0 a.m. | 19 views

CVE-2025-63216

CVE-2025-63216 concerns the Itel DAB Gateway (IDGat build c041640a) where authentication is bypassed due to improper JWT validation. Attackers can reuse a valid JWT token from one device to authenticate and gain administrative access on any other device running the same firmware, enabling full co...

10 CVSS | 6.7 AI score | 0.00165 EPSS
Exploits 1 | References 2 | Affected Software 1
CVE
added 2025/11/18 12:0 a.m. | 12 views

CVE-2025-63217

The CVE describes an Authentication Bypass in the Itel DAB MUX (IDMUX build c041640a) caused by improper JWT validation across devices. Exploitation would allow an attacker who has a valid JWT from one device to authenticate as an administrator on any other device running the same firmware, enabl...

9.8 CVSS | 6.7 AI score | 0.00137 EPSS
Exploits 1 | References 2 | Affected Software 1
Positive Technologies
added 2025/11/18 12:0 a.m. | 3 views

PT-2025-47395

Name of the Vulnerable Software and Affected Versions: Sencore SMP100 SMP Media Platform versions V4.2.160, V60.1.4, V60.1.29. Description: The Sencore SMP100 SMP Media Platform is susceptible to session hijacking because of inadequate session management. An attacker on the same network as a logged-...

6.5 AI score | 0.00025 EPSS
Exploits 0 | References 4
Cvelist
added 2025/11/18 12:0 a.m. | 6 views

CVE-2025-63217

The Itel DAB MUX IDMUX build c041640a is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the...

0.00137 EPSS
Exploits 1 | References 2
Cvelist
added 2025/11/18 12:0 a.m. | 7 views

CVE-2025-63216

The Itel DAB Gateway IDGat build c041640a is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the...

0.00165 EPSS
Exploits 1 | References 2
Vulnrichment
added 2025/11/18 12:0 a.m. | 4 views

CVE-2025-63216

The Itel DAB Gateway IDGat build c041640a is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the...

6.6 AI score | 0.00165 EPSS
Exploits 1 | References 2
Vulnrichment
added 2025/11/18 12:0 a.m. | 2 views

CVE-2025-63217

The Itel DAB MUX IDMUX build c041640a is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the...

6.6 AI score | 0.00137 EPSS
Exploits 1 | References 2
Positive Technologies
added 2025/11/18 12:0 a.m. | 3 views

PT-2025-47410

Name of the Vulnerable Software and Affected Versions: Itel DAB MUX versions affected versions not specified. Description: The Itel DAB MUX IDMUX build c041640a has a flaw in how it verifies JWT (JSON Web Token) authentication. This allows an attacker who has a valid JWT token from one device to use i...

6.7 AI score | 0.00137 EPSS
Exploits 1 | References 4