Vulnerabilities > Mozilla > Thunderbird > 0.7.1

DATE CVE VULNERABILITY TITLE RISK
2024-07-09 CVE-2024-6609 Unspecified vulnerability in Mozilla Firefox
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again.
network
low complexity
mozilla
8.8
2024-07-09 CVE-2024-6610 Unspecified vulnerability in Mozilla Firefox
Form validation popups could capture escape key presses.
network
low complexity
mozilla
4.3
2024-06-11 CVE-2024-5690 Information Exposure Through Discrepancy vulnerability in multiple products
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system.
network
low complexity
mozilla debian CWE-203
4.3
2024-06-11 CVE-2024-5691 Unspecified vulnerability in Mozilla Firefox
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window.
network
low complexity
mozilla
4.7
2024-02-20 CVE-2024-1547 Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown).
network
low complexity
mozilla debian
6.5
2024-02-20 CVE-2024-1550 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant.
network
low complexity
mozilla debian CWE-1021
6.1
2024-02-20 CVE-2024-1552 Incorrect Conversion between Numeric Types vulnerability in multiple products
Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices.
network
low complexity
mozilla debian CWE-681
7.5
2024-01-23 CVE-2024-0741 Out-of-bounds Write vulnerability in multiple products
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.
network
low complexity
mozilla debian CWE-787
6.5
2024-01-23 CVE-2024-0742 It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load.
network
low complexity
mozilla debian
4.3
2024-01-23 CVE-2024-0746 A Linux user opening the print preview dialog could have caused the browser to crash.
network
low complexity
mozilla debian
6.5