VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Mozilla
>
Thunderbird
> 0.7.1
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-01-23
CVE-2024-0747
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy.
network
low complexity
mozilla
debian
6.5
6.5
2024-01-23
CVE-2024-0749
Origin Validation Error vulnerability in multiple products
A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar.
network
low complexity
mozilla
debian
CWE-346
4.3
4.3
2024-01-23
CVE-2024-0750
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions.
network
low complexity
mozilla
debian
8.8
8.8
2024-01-23
CVE-2024-0751
Improper Privilege Management vulnerability in multiple products
A malicious devtools extension could have been used to escalate privileges.
network
low complexity
mozilla
debian
CWE-269
8.8
8.8
2024-01-23
CVE-2024-0753
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain.
network
low complexity
mozilla
debian
6.5
6.5
2024-01-23
CVE-2024-0755
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6.
network
low complexity
mozilla
debian
8.8
8.8
2023-12-19
CVE-2023-50761
The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time.
network
low complexity
mozilla
debian
4.3
4.3
2023-12-19
CVE-2023-50762
When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user.
network
low complexity
mozilla
debian
4.3
4.3
2023-12-19
CVE-2023-6856
Out-of-bounds Write vulnerability in multiple products
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver.
network
low complexity
mozilla
debian
CWE-787
8.8
8.8
2023-12-19
CVE-2023-6857
Race Condition vulnerability in multiple products
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary.
network
high complexity
mozilla
debian
CWE-362
5.3
5.3
«
Previous
1
2
...
3
4
5
(current)
6
7
...
70
71
»
Next