Vulnerabilities > Mozilla > Thunderbird > 0.7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-29948 | Race Condition vulnerability in Mozilla Thunderbird Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. | 1.9 |
| 2021-06-24 | CVE-2021-29949 | Uncontrolled Search Path Element vulnerability in Mozilla Thunderbird When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. | 4.4 |
| 2021-06-24 | CVE-2021-29950 | Cleartext Storage of Sensitive Information vulnerability in Mozilla Thunderbird Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. | 5.0 |
| 2021-06-24 | CVE-2021-29951 | Improper Privilege Management vulnerability in Mozilla Firefox The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. | 6.4 |
| 2021-06-24 | CVE-2021-29957 | Unspecified vulnerability in Mozilla Thunderbird If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected. network mozilla | 4.3 |
| 2021-06-24 | CVE-2021-29964 | Out-of-bounds Read vulnerability in Mozilla Firefox A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. | 5.8 |
| 2021-06-24 | CVE-2021-29967 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. | 8.8 |
| 2021-03-31 | CVE-2021-23987 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. | 6.8 |
| 2021-03-31 | CVE-2021-23984 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox A malicious extension could have opened a popup window lacking an address bar. | 4.3 |
| 2021-03-31 | CVE-2021-23982 | Inadequate Encryption Strength vulnerability in Mozilla Firefox Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. | 4.3 |