[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26126 Download | Alert*

Mozilla Thunderbird 60.5: A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash.

Mozilla Thunderbird 60.5: A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again.

Mozilla Thunderbird 91.3 : Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.

Mozilla Firefox ESR 78.9 and Mozilla Thunderbird 78.9: An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited.

Mozilla Thunderbird before 78.8.1: Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state.

Mozilla Thunderbird before 78.9.1: Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the c ...

Mozilla Thunderbird before 78.9.1: When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search p ...

The host is installed with Adobe InDesign 18.x before 18.5.1 or 17.x through 17.4.2 and is prone to a NULL pointer dereference vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to cause application denial-of-service.

The host is installed with OpenSSL 3.0.0 and is prone to an infinite loop vulnerability. A flaw is present in the SM2 decryption code. Successful exploitation could allow attackers to cause denial of service.

The host is installed with Apple iTunes before 10.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle vectors related to a crafted website. Successful exploitation could allow attackers to crash the service.


Pages:      Start    1477    1478    1479    1480    1481    1482    1483    1484    1485    1486    1487    1488    1489    1490    ..   2612

© SecPod Technologies