4 matches found
CVE-2025-27143 Beter Auth has an Open Redirect via Scheme-Less Callback Parameter
Better Auth is an authentication and authorization library for TypeScript. Prior to version 1.1.21, the application is vulnerable to an open redirect due to improper validation of the callbackURL parameter in the email verification endpoint and any other endpoint that accepts callback url. While...
Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack
A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. A malicious server administrator could interfere with cross-device verification to authenticate their own device...
RHEL 8 : thunderbird (RHSA-2022:7190)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7190 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Security Fixes: Mozilla:...
CVE-2002-2204
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source...