Lucene search
K

17 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Thunderbird

An attacker may carry out a DoS attack to prevent a user from sending encrypted emails to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self-signature, and the Thunderbird user imports the crafted key, then Thunderbird may attempt to use the inval...

6.5CVSS6.8AI score0.00427EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-10913

Malware in sbrugna...

6.5CVSS7.8AI score0.00427EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2021-10912

Malware in sbrugna...

4.3CVSS6.7AI score0.0048EPSS
Exploits0References13
OSV
OSV
added 2021/06/24 2:15 p.m.1 views

DEBIAN-CVE-2021-23992

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbi...

4.3CVSS5.5AI score0.0048EPSS
Exploits0References1
Prion
Prion
added 2021/06/24 2:15 p.m.19 views

Code injection

An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid...

4.3CVSS6.3AI score0.00427EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2021/06/24 1:26 p.m.27 views

CVE-2021-23992

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbi...

4.3CVSS5.4AI score0.0048EPSS
Exploits0
Veracode
Veracode
added 2021/04/19 11:9 p.m.19 views

Denial Of Service (DoS)

thunderbird is vulnerable to denial of service. An attacker is able to prevent a user from sending encrypted email to a correspondent via a malicious OpenPGP key with a subkey that has an invalid self signature...

6.5CVSS3AI score0.00427EPSS
Exploits0References7Affected Software6
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.53 views

Oracle Linux 7 : thunderbird (ELSA-2021-1192)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1192 advisory. 78.9.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.9.1-1 - Update to 78.9.1 Tenable has extracted...

6.8CVSS7.2AI score0.01035EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/04/14 5:12 p.m.5 views

Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key

An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid...

6.5CVSS7.3AI score0.00427EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/04/14 2:45 p.m.10 views

Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key

An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid...

6.5CVSS7.3AI score0.00427EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/04/14 2:45 p.m.10 views

Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbi...

4.3CVSS7.4AI score0.0048EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/04/14 2:24 p.m.4 views

Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbi...

4.3CVSS7.4AI score0.0048EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/04/14 11:14 a.m.4 views

Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbi...

4.3CVSS7.4AI score0.0048EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/04/14 11:14 a.m.8 views

Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key

An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid...

6.5CVSS7.3AI score0.00427EPSS
Exploits0References4
OSV
OSV
added 2021/04/13 12:0 a.m.7 views

UBUNTU-CVE-2021-23993

An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid...

6.5CVSS6.9AI score0.00427EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2021/04/13 12:0 a.m.35 views

CVE-2021-23993

An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid...

6.5CVSS6.9AI score0.00427EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/04/13 12:0 a.m.27 views

CVE-2021-23992

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbi...

4.3CVSS6.3AI score0.0048EPSS
Exploits0References4
Rows per page
Query Builder