CVE-2025-10953

A security vulnerability has been detected in UTT 1200GW and 1250GW up to 3.0.0-170831/3.2.2-200710. This vulnerability affects unknown code of the file /goform/formApMail. The manipulation of the argument senderEmail leads to buffer overflow. The attack may be initiated remotely. The exploit has...

CVE-2025-10953 UTT 1200GW/1250GW formApMail buffer overflow

A security vulnerability has been detected in UTT 1200GW and 1250GW up to 3.0.0-170831/3.2.2-200710. This vulnerability affects unknown code of the file /goform/formApMail. The manipulation of the argument senderEmail leads to buffer overflow. The attack may be initiated remotely. The exploit has...

CVE-2021-30998

A S/MIME issue existed in the handling of encrypted email. This issue was addressed with improved selection of the encryption certificate. This issue is fixed in iOS 15.2 and iPadOS 15.2. A sender's email address may be leaked when sending an S/MIME encrypted email using a certificate with more...

CVE-2025-40623

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘Sender’ and...

Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird displays all spaces. This flaw allows an attacker to send an ema...

GHSA-9P7Q-V9GP-FRQ4 Dolibarr Cross-site Scripting vulnerability

An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the admin/mails.php?action=edit URI via the "Sender email for automatic emails default value in php.ini: Undefined" field...

CentOS 8 : thunderbird (CESA-2020:2046)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:2046 advisory. - Mozilla: Use-after-free during worker shutdown CVE-2020-12387 - Mozilla: Arbitrary local file access with 'Copy as cURL' CVE-2020-12392 - Mozilla:...

CVE-2020-12397

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird 68.8.0...

CentOS 6 : thunderbird (RHSA-2020:2049)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2049 advisory. - A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash...

thunderbird security update

CentOS Errata and Security Advisory CESA-2020:2050 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20200511)

Security Fixes : - Mozilla: Use-after-free during worker shutdown CVE-2020-12387 - Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 CVE-2020-12395 - usrsctp: Buffer overflow in AUTH chunk input validation CVE-2020-6831 - Mozilla: Arbitrary local file access with 'Copy as cURL'...

Critical: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Critical: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Critical: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 8 : thunderbird (RHSA-2020:2046)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2046 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fixes: Mozilla:...

RHEL 7 : thunderbird (RHSA-2020:2050)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2050 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fixes: Mozilla:...

openSUSE Security Update : MozillaThunderbird (openSUSE-2020-643)

This update for MozillaThunderbird fixes the following issues : - Update to 68.8.0 ESR MFSA 2020-18 bsc1171186 - CVE-2020-12397 bmo1617370 Sender Email Address Spoofing using encoded Unicode characters - CVE-2020-12387 bmo1545345 Use-after-free during worker shutdown - CVE-2020-6831 bmo1632241...

Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fix security vulnerabilities: A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash CVE-2020-6831. A race condition when running shutdown code for Web Worker led to...

WordPress Unauthorized Password Reset Vulnerability

WordPress is a free open source content management system CMS based on PHP and MySQL. WordPress suffers from an unauthorized password reset vulnerability due to the fact that WordPress uses the contents of the SERVERNAME variable sent by the client to form the sender's email address when creating...

wordpress Diary/Notebook theme email spoofing vulnerability-vulnerability warning-the black bar safety net

WordPress this Diary/Notebook theme is to have site5 design of a personal Journal blog system theme. The recent burst of the email spoofing vulnerability. Attach the perl script Exp: !/ usr/bin/perl Exploit Title: Diary/Notebook Site5 WordPress Theme - Email Spoofing Date: 15.07.2012 Exploit...