Important: thunderbird

Issue Overview: Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an invalid value "Spoofed Name ", Thunderbird treats [email protected] as the actual address. This...

SUSE CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

DEBIAN-CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

UBUNTU-CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

CVE-2025-3932

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

CVE-2025-3932 Tracking Links in Attachments Bypassed Remote Content Blocking

It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...

Mozilla Thunderbird < 128.10.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-34 advisory. - It was possible to craft an email that showed a tracking link as an attachment. If the user attempted...

Mozilla Thunderbird < 138.0.1

The version of Thunderbird installed on the remote Windows host is prior to 138.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-35 advisory. - It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open th...

PT-2025-21188

Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 128.10.1 Thunderbird versions prior to 138.0.1 Description: The issue allowed an attacker to craft an email that showed a tracking link as an attachment. When the user attempted to open the attachment, Thunderbir...

CVE-2024-9230

creationtimestamp| type| source ---|---|--- 2025-04-14 06:53:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11584 2025-04-14 10:28:55+00:00| seen| https://t.me/cvedetector/22834 2025-04-14 10:33:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmreeczy262g...

GHSA-P3X9-6H7P-CGFC

creationtimestamp| type| source ---|---|--- 2025-03-14 18:23:02+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lkea5pjd6i23 2025-03-30 06:32:02+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9547...

openSUSE Security Advisory (SUSE-SU-2025:0764-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-54421

creationtimestamp| type| source ---|---|--- 2024-12-16 16:51:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113663533019821343...

CVE-2024-50263

creationtimestamp| type| source ---|---|--- 2024-11-11 14:02:58+00:00| seen| https://infosec.exchange/users/cve/statuses/113464690446915585 2024-11-11 16:06:12+00:00| seen| https://t.me/cvedetector/10497...

CVE-2023-40273

creationtimestamp| type| source ---|---|--- 2023-08-23 20:12:49+00:00| seen| https://t.me/cibsecurity/69072 2023-09-04 16:03:01+00:00| seen| https://t.me/ctinow/134615 2025-01-08 08:49:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113791870409998283 2025-01-08 09:12:24+00:00| seen|...

WordPress plugin Tipsacarrier 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress...

Google AdMob filter vulnerabilities, malicious ads sneak into the application-vulnerability warning-the black bar safety net

! There are Android app developers complained, because the official advertising network poorly regulated, resulting in this pollution-free Android application infected with malicious ads. Android app strange is implanted in the third-party advertising From Sydney, two bus the Android app Arrivo a...

Threat Outbreak Alert RuleID10418: Email Messages Distributing Malicious Software on June 24, 2014

Medium Alert ID: 34694 First Published: 2014 June 24 12:50 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID10418 may contain the following files: Name | Siz...