Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
spoof the mouse pointer position, obtain sensitive information, spoof the
contents of the addressbar, bypass security restrictions, or execute
arbitrary code. (CVE-2022-2505, CVE-2022-36318, CVE-2022-36319,
CVE-2022-38472, CVE-2022-38473, CVE-2022-38476 CVE-2022-38477,
CVE-2022-38478)
Multiple security issues were discovered in Thunderbird. An attacker could
potentially exploit these in order to determine when a user opens a
specially crafted message. (CVE-2022-3032, CVE-2022-3034)
It was discovered that Thunderbird did not correctly handle HTML messages
that contain a meta tag in some circumstances. If a user were tricked into
replying to a specially crafted message, an attacker could potentially
exploit this to obtain sensitive information. (CVE-2022-3033)
A security issue was discovered with the Matrix SDK in Thunderbird. An
attacker sharing a room with a user could potentially exploit this to
cause a denial of service. (CVE-2022-36059)
More Stories
libxml2-2.12.9-1.fc40
FEDORA-2024-9f3765a04b Packages in this update: libxml2-2.12.9-1.fc40 Update description: Update to 2.12.9 Fixes CVE-2024-40896 Read More
libxml2-2.12.9-1.fc41
FEDORA-2024-867a14de12 Packages in this update: libxml2-2.12.9-1.fc41 Update description: Update to 2.12.9 Fixes CVE-2024-40896. Read More
iwd-3.3-1.fc40 libell-0.71-1.fc40
FEDORA-2024-0fa283c43a Packages in this update: iwd-3.3-1.fc40 libell-0.71-1.fc40 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
iwd-3.3-1.fc41 libell-0.71-1.fc41
FEDORA-2024-256818da09 Packages in this update: iwd-3.3-1.fc41 libell-0.71-1.fc41 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source...
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 21 CyberDanube Security Research 20241219-0 ------------------------------------------------------------------------------- title| Authenticated Remote Code...