Lucene search
K

30 matches found

Debian CVE
Debian CVE
added 2023/06/19 9:58 a.m.24 views

CVE-2023-29532

A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not...

5.5CVSS7.2AI score0.00185EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/06/19 9:58 a.m.9 views

CVE-2023-29532

A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not...

5.1AI score0.00185EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2023/06/19 9:58 a.m.16 views

CVE-2023-29532

A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not...

5.5CVSS6.4AI score0.00185EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/04/13 1:37 a.m.8 views

SUSE CVE-2023-29532

A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not...

5.5CVSS6.1AI score0.00185EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2023/04/12 6:30 a.m.48 views

CVE-2023-29532

The Mozilla Foundation Security Advisory describes this flaw as: A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before...

7.5CVSS5.8AI score0.00185EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.45 views

Mozilla Thunderbird < 102.10

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 102.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-15 advisory. - Mozilla developers Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team...

9.8CVSS7.7AI score0.00974EPSS
Exploits0References16
ATTACKERKB
ATTACKERKB
added 2022/03/23 10:15 p.m.15 views

CVE-2022-22819

NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers ROM version 1B have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted...

7.8CVSS7.7AI score0.01314EPSS
Exploits1References3
Prion
Prion
added 2022/03/23 10:15 p.m.22 views

Buffer overflow

NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers ROM version 1B have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted...

6.8CVSS7.9AI score0.01314EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/03/23 9:13 p.m.30 views

CVE-2022-22819

NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers ROM version 1B have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted...

8.1AI score0.01314EPSS
Exploits1References2
OSV
OSV
added 2019/04/09 6:29 p.m.2 views

CVE-2017-17023

The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering www.ncp-e.com. The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows...

8.1CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder