Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
email security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6861
The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-6862
A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-6863
The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-6864
Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ES...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-50761
The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatc...
Mozilla Thunderbird
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-50762
When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signe...
Mozilla Thunderbird
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-49321
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoin...
F-secure Linux Protection 12.0
F-secure Linux Security 64 12.0
F-secure Atlant 1.0.35-1
F-secure Client Security 15.00
F-secure Elements Endpoint Protection
F-secure Email And Server Security 15.00
F-secure Server Security 15.00
NA
CVE-2023-49322
Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoin...
F-secure Linux Protection 12.0
F-secure Linux Security 64 12.0
F-secure Atlant 1.0.35-1
F-secure Client Security 15.00
F-secure Elements Endpoint Protection
F-secure Email And Server Security 15.00
F-secure Server Security 15.00
NA
CVE-2023-47172
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later.
Withsecure Elements Endpoint Protection
Withsecure Email And Server Security
Withsecure Server Security
Withsecure Client Security
NA
CVE-2023-47263
Certain WithSecure products allow a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and...
Withsecure Client Security 15
Withsecure Elements Endpoint Protection
Withsecure Email And Server Security 15
Withsecure Server Security 15
Withsecure Linux Protection 12.0
Withsecure Linux Security 64 12.0
Withsecure Atlant
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »