Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/04/16 10:49 a.m.5 views

CVE-2026-40505

A flaw was found in MuPDF mutool. This vulnerability allows a local attacker to embed malicious ANSI escape sequences within a PDF's metadata. When a user views the PDF's information using the mutool info command, these unsanitized sequences are processed by the terminal. This can lead to the...

4.8CVSS5.9AI score0.00166EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.11 views

PT-2026-33222

Name of the Vulnerable Software and Affected Versions MuPDF mutool affected versions not specified Description MuPDF mutool fails to sanitize PDF metadata fields before writing them to terminal output. This allows the injection of arbitrary ANSI escape sequences—codes used to control terminal...

4.8CVSS5.9AI score0.00166EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.16 views

RHEL 9 : thunderbird (RHSA-2024:9019)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:9019 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: History interface could have been used ...

9.8CVSS7.4AI score0.00809EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2024/11/05 12:0 a.m.18 views

AlmaLinux 9 : thunderbird (ALSA-2024:8793)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:8793 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: XS...

9.8CVSS7.3AI score0.00809EPSS
Exploits0References12
Prion
Prion
added 2021/07/09 9:15 p.m.21 views

Design/Logic Flaw

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

5.8CVSS8AI score0.01106EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/07/09 9:15 p.m.2 views

CVE-2021-36367

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that the attacker can use to capture credential data, and use...

8.1CVSS5.5AI score0.01106EPSS
Exploits0References6
OSV
OSV
added 2018/04/03 6:29 a.m.3 views

CVE-2017-7164

An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. The issue involves the "App Store" component. It allows man-in-the-middle attackers to spoof password prompts...

5.9CVSS7.3AI score0.00825EPSS
Exploits0References2
Rows per page
Query Builder