Vulnerabilities > Mozilla > Thunderbird > 0.7.1

DATE CVE VULNERABILITY TITLE RISK
2021-06-24 CVE-2021-29967 Out-of-bounds Write vulnerability in Mozilla Firefox ESR
Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11.
network
low complexity
mozilla CWE-787
8.8
2021-03-31 CVE-2021-23987 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8.
network
low complexity
mozilla CWE-787
8.8
2021-03-31 CVE-2021-23984 Authentication Bypass by Spoofing vulnerability in Mozilla Firefox
A malicious extension could have opened a popup window lacking an address bar.
network
low complexity
mozilla CWE-290
6.5
2021-03-31 CVE-2021-23982 Inadequate Encryption Strength vulnerability in Mozilla Firefox
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections.
network
low complexity
mozilla CWE-326
6.5
2021-03-31 CVE-2021-23981 Out-of-bounds Write vulnerability in Mozilla Firefox
A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash.
network
low complexity
mozilla CWE-787
8.1
2021-02-26 CVE-2021-23978 Out-of-bounds Write vulnerability in multiple products
Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7.
network
low complexity
mozilla debian CWE-787
8.8
2021-02-26 CVE-2021-23964 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6.
network
low complexity
mozilla CWE-787
8.8
2021-02-26 CVE-2021-23960 Unspecified vulnerability in Mozilla Firefox
Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash.
network
low complexity
mozilla
8.8
2021-02-26 CVE-2021-23954 Type Confusion vulnerability in Mozilla Firefox
Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash.
network
low complexity
mozilla CWE-843
8.8
2021-02-26 CVE-2021-23953 Unspecified vulnerability in Mozilla Firefox
If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data.
network
low complexity
mozilla
4.3