Vulnerabilities > Mozilla > Thunderbird > 59.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-28 | CVE-2018-18494 | Origin Validation Error vulnerability in Mozilla Firefox and Firefox ESR A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). | 4.3 |
| 2019-02-28 | CVE-2018-18493 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. | 7.5 |
| 2019-02-28 | CVE-2018-18492 | Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. | 7.5 |
| 2019-02-28 | CVE-2018-12405 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. | 7.5 |
| 2019-02-28 | CVE-2018-12392 | Unspecified vulnerability in Mozilla Firefox and Firefox ESR When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. | 7.5 |
| 2019-02-28 | CVE-2018-12391 | Incorrect Authorization vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. | 9.3 |
| 2019-02-28 | CVE-2018-12390 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. | 7.5 |
| 2019-02-28 | CVE-2018-12389 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. | 6.8 |
| 2019-02-05 | CVE-2018-18505 | Improper Authentication vulnerability in Mozilla Firefox and Firefox ESR An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. | 7.5 |
| 2019-02-05 | CVE-2018-18501 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. | 7.5 |