Page 75 of 1546 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. Las partes S/MIME descifradas, cuando se incluyen en HTML manipulado para un ataque, pueden filtrar texto plano cuando se incluyen en una respuesta/reenvío HTML. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.9. • http://www.securityfocus.com/bid/104613 https://access.redhat.com/errata/RHSA-2018:2251 https://access.redhat.com/errata/RHSA-2018:2252 https://bugzilla.mozilla.org/show_bug.cgi?id=1419417 https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3714-1 https://www.debian.org/security/2018/dsa-4244 https://www.mozilla.org/security/advisories/mfsa2018-18 https://access.redhat.com/security/cve/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •

CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0

dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. Las partes S/MIME descifradas ocultas con CSS o la etiqueta HTML en texto plano pueden filtrar texto plano cuando se incluyen en una respuesta/reenvío HTML. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.9. • http://www.securityfocus.com/bid/104613 https://access.redhat.com/errata/RHSA-2018:2251 https://access.redhat.com/errata/RHSA-2018:2252 https://bugzilla.mozilla.org/show_bug.cgi?id=1464056 https://bugzilla.mozilla.org/show_bug.cgi?id=1464667 https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3714-1 https://www.debian.org/security/2018/dsa-4244 https://www.mozilla.org/security/advisories& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •

CVSS: 4.3EPSS: 0%CPEs: 17EXPL: 0

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. El texto plano de los emails descifrados puede ser filtrado por usuarios que envían un formulario embebido al presionar la tecla enter en un campo de introducción de texto. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.9. • http://www.securityfocus.com/bid/104613 https://access.redhat.com/errata/RHSA-2018:2251 https://access.redhat.com/errata/RHSA-2018:2252 https://bugzilla.mozilla.org/show_bug.cgi?id=1462910 https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3714-1 https://www.debian.org/security/2018/dsa-4244 https://www.mozilla.org/security/advisories/mfsa2018-18 https://access.redhat.com/security/cve/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-356: Product UI does not Warn User of Unsafe Actions •

CVSS: 8.8EPSS: 1%CPEs: 16EXPL: 0

Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Flash Player, en versiones 30.0.0.113 y anteriores, tiene una vulnerabilidad de confusión de tipos. Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/104698 http://www.securitytracker.com/id/1041248 https://access.redhat.com/errata/RHSA-2018:2175 https://helpx.adobe.com/security/products/flash-player/apsb18-24.html https://access.redhat.com/security/cve/CVE-2018-5007 https://bugzilla.redhat.com/show_bug.cgi?id=1599810 • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 30.0.0.113 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/104698 http://www.securitytracker.com/id/1041248 https://access.redhat.com/errata/RHSA-2018:2175 https://helpx.adobe.com/security/products/flash-player/apsb18-24.html https://access.redhat.com/security/cve/CVE-2018-5008 https://bugzilla.redhat.com/show_bug.cgi?id=1599811 • CWE-125: Out-of-bounds Read •