Lucene search
K

9 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Thunderbird

If a Thunderbird user has previously imported Alice’s OpenPGP key, and Alice has extended the validity period of her key, but Alice’s updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice’s key with an invalid subkey. In this case, Thunderbird...

6.8CVSS6.6AI score0.01035EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.3 views

SUSE CVE-2021-23992

Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbi...

6.5CVSS8.8AI score0.0048EPSS
Exploits0References5
OSV
OSV
added 2021/06/24 2:15 p.m.0 views

DEBIAN-CVE-2021-29949

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

7.8CVSS6.8AI score0.00316EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2021/04/19 12:0 a.m.32 views

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2021:0580-1 Rating: important References: 1177542 1183942 1184536 Cross-References: CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-23991 CVE-2021-23992 CVE-2021-23993 CVSS scores:...

7.5CVSS8.5AI score0.01404EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/04/17 12:0 a.m.17 views

CentOS: Security Advisory for thunderbird (CESA-2021:1192)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.8CVSS6.1AI score0.01035EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2021/04/15 12:0 a.m.72 views

thunderbird security update

78.9.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.9.1-1 - Update to 78.9.1...

6.8CVSS2AI score0.01035EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2021/04/14 2:45 p.m.9 views

Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key

If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice's key with an invalid subkey, Thunderbird might...

6.8CVSS7.3AI score0.01035EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/04/14 2:24 p.m.2 views

Mozilla: Thunderbird might execute an alternative OTR library

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

7.8CVSS7.3AI score0.00316EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2021/04/14 1:36 p.m.37 views

Moderate: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1. Security Fixes: Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key CVE-2021-23991 Mozilla: A crafted OpenPGP key with an invalid user ...

4.3CVSS1.2AI score0.01035EPSS
Exploits2References5
Rows per page
Query Builder