Vulnerabilities > Mozilla > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-04 | CVE-2025-0510 | Unspecified vulnerability in Mozilla Thunderbird Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. | 6.5 |
| 2025-02-04 | CVE-2025-1015 | Unspecified vulnerability in Mozilla Thunderbird The Thunderbird Address Book URI fields contained unsanitized links. | 5.4 |
| 2025-02-04 | CVE-2025-1018 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. | 5.3 |
| 2025-02-04 | CVE-2025-1019 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The z-order of the browser windows could be manipulated to hide the fullscreen notification. | 4.3 |
| 2024-11-13 | CVE-2024-11159 | Unspecified vulnerability in Mozilla Thunderbird Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. | 4.3 |
| 2024-11-06 | CVE-2024-10941 | Unspecified vulnerability in Mozilla Firefox A malicious website could have included an iframe with an malformed URI resulting in a non-exploitable browser crash. | 6.5 |
| 2024-10-29 | CVE-2024-10460 | Unspecified vulnerability in Mozilla Firefox and Thunderbird The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. | 5.3 |
| 2024-10-29 | CVE-2024-10461 | Cross-site Scripting vulnerability in Mozilla Thunderbird In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. | 6.1 |
| 2024-10-29 | CVE-2024-10462 | Authentication Bypass by Spoofing vulnerability in Mozilla Thunderbird Truncation of a long URL could have allowed origin spoofing in a permission prompt. | 6.5 |
| 2024-10-29 | CVE-2024-10463 | Information Exposure Through Discrepancy vulnerability in Mozilla Thunderbird Video frames could have been leaked between origins in some situations. | 6.5 |