108 matches found
GO-2026-4770 Improper handling of null Unicode character when parsing JSON in github.com/modelcontextprotocol/go-sdk
Improper handling of null Unicode character when parsing JSON in github.com/modelcontextprotocol/go-sdk...
[SECURITY] Fedora 42 Update: python-unicodedata2-17.0.0-1.fc42
This module provides access to the Unicode Character Database UCD which defines character properties for all Unicode characters. The data contained in this database is compiled from the UCD version 13.0.0. The versions of this package match Unicode versions, so unicodedata2==13.0.0 is data...
EUVD-2009-3358
Malware in sbrugna...
EUVD-2007-2682
Malware in sbrugna...
EUVD-2016-0789
Malware in sbrugna...
EUVD-2019-3391
Malware in sbrugna...
EUVD-2012-3689
Malware in sbrugna...
EUVD-2010-1407
Malware in sbrugna...
EUVD-2018-16930
Malware in sbrugna...
EUVD-2020-7638
Malware in sbrugna...
EUVD-2023-44083
Malicious code in bioql PyPI...
CVE-2025-27556
An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack v...
MGASA-2025-0039 Updated python-django packages fix security vulnerabilities
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets. CVE-2024-38875 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. T...
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users
A new attack campaign dubbed CLOUDREVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. "The VBScript and PowerShell scripts in the CLOUDREVERSER inherently involves command-and-control-like activities by using Google...
RHEL 6 : thunderbird (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - thunderbird: Memory corruption when processing S/MIME messages CVE-2021-43529 - thunderbird: Crafted emai...
CentOS 7 : thunderbird (RHSA-2023:4495)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4495 advisory. - Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document...
Amazon Linux 2 : thunderbird (ALAS-2023-2248)
The version of thunderbird installed on the remote host is prior to 102.15.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2248 advisory. Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be...
Important: thunderbird
Issue Overview: Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file...
ROS-20230908-08
A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character to override text direction in file names. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct spoofing attacks...
Oracle Linux 8 : thunderbird (ELSA-2023-4497)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4497 advisory. 102.14.0-1.0.1 - Update to 102.14.0 build1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...