7 matches found
CVE-2026-40505
A flaw was found in MuPDF mutool. This vulnerability allows a local attacker to embed malicious ANSI escape sequences within a PDF's metadata. When a user views the PDF's information using the mutool info command, these unsanitized sequences are processed by the terminal. This can lead to the...
PT-2026-33222
Name of the Vulnerable Software and Affected Versions MuPDF mutool affected versions not specified Description MuPDF mutool fails to sanitize PDF metadata fields before writing them to terminal output. This allows the injection of arbitrary ANSI escape sequences—codes used to control terminal...
RHEL 9 : thunderbird (RHSA-2024:9019)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:9019 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: History interface could have been used ...
AlmaLinux 9 : thunderbird (ALSA-2024:8793)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:8793 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: XS...
Design/Logic Flaw
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...
CVE-2021-36367
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...
CVE-2017-7164
An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. The issue involves the "App Store" component. It allows man-in-the-middle attackers to spoof password prompts...