Seamonkey

DATE	CVE	VULNERABILITY TITLE	RISK
2014-12-11	CVE-2014-1588	Memory Corruption vulnerability in Mozilla Firefox/Thunderbird Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. network mozilla	6.8
2014-12-11	CVE-2014-1587	Improper Input Validation vulnerability in Mozilla Firefox, Firefox ESR and Seamonkey Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. network mozilla CWE-20	6.8
2014-09-25	CVE-2014-1568	Cryptographic Issues vulnerability in Google Chrome Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue. network low complexity google apple microsoft mozilla CWE-310	7.5
2014-04-30	CVE-2014-1532	USE After Free vulnerability in multiple products Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution. network low complexity mozilla fedoraproject canonical debian redhat opensuse suse CWE-416	7.5
2014-04-30	CVE-2014-1531	USE After Free vulnerability in multiple products Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation. network mozilla canonical debian redhat fedoraproject opensuse suse CWE-416 critical	9.3
2014-04-30	CVE-2014-1530	Cross-Site Scripting vulnerability in multiple products The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation. network mozilla fedoraproject canonical debian redhat opensuse suse CWE-79	4.3
2014-04-30	CVE-2014-1529	Improper Privilege Management vulnerability in multiple products The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted. network mozilla canonical debian redhat fedoraproject opensuse suse CWE-269 critical	9.3
2014-04-30	CVE-2014-1528	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element. network low complexity canonical opensuse opensuse-project oracle mozilla microsoft fedoraproject CWE-119 critical	10.0
2014-04-30	CVE-2014-1526	Improper Privilege Management vulnerability in multiple products The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects. network mozilla canonical opensuse fedoraproject CWE-269	6.8
2014-04-30	CVE-2014-1525	USE After Free vulnerability in multiple products The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document. network mozilla canonical opensuse fedoraproject CWE-416 critical	9.3