Lucene search
K

6 matches found

OSV
OSV
added 2024/11/09 5:17 a.m.12 views

MGASA-2024-0349 Updated nspr, nss, firefox & rust packages fix security vulnerabilities

Permission leak via embed or object elements. CVE-2024-10458 Use-after-free in layout with accessibility. CVE-2024-10459 Confusing display of origin for external protocol handler prompt. CVE-2024-10460 XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response...

9.8CVSS7.8AI score0.00809EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.14 views

RockyLinux 9 : thunderbird (RLSA-2024:8793)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8793 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: X...

9.8CVSS7.3AI score0.00809EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2024/04/25 12:0 a.m.24 views

Debian dla-3794 : pterm - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3794 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3794-1 [email protected]...

8.1CVSS7.2AI score0.9378EPSS
Exploits4References10
UbuntuCve
UbuntuCve
added 2021/07/09 9:15 p.m.30 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS7.2AI score0.01106EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2021/07/09 12:0 a.m.19 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

6.8AI score0.01106EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2021/07/09 12:0 a.m.23 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS8.1AI score0.01106EPSS
Exploits0
Rows per page
Query Builder