Vulnerabilities > Mozilla > Thunderbird > 31.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-08 | CVE-2019-11760 | Out-of-bounds Write vulnerability in multiple products A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. | 8.8 |
| 2020-01-08 | CVE-2019-11759 | Classic Buffer Overflow vulnerability in multiple products An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. | 8.8 |
| 2020-01-08 | CVE-2019-11758 | Out-of-bounds Write vulnerability in multiple products Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. | 6.8 |
| 2020-01-08 | CVE-2019-11757 | Use After Free vulnerability in multiple products When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. | 8.8 |
| 2020-01-08 | CVE-2019-11745 | Out-of-bounds Write vulnerability in multiple products When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. | 6.8 |
| 2019-09-27 | CVE-2019-11752 | Use After Free vulnerability in Mozilla Firefox It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. | 9.3 |
| 2019-09-27 | CVE-2019-11746 | Use After Free vulnerability in Mozilla Firefox A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. | 6.8 |
| 2019-09-27 | CVE-2019-11744 | Cross-site Scripting vulnerability in Mozilla Firefox Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. | 4.3 |
| 2019-09-27 | CVE-2019-11742 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Mozilla Firefox A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. | 4.3 |
| 2019-09-27 | CVE-2019-11740 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. | 6.8 |