Vulnerabilities > Mozilla > Thunderbird
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-26 | CVE-2018-18513 | NULL Pointer Dereference vulnerability in Mozilla Thunderbird A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. | 7.5 |
| 2019-04-26 | CVE-2018-18512 | Use After Free vulnerability in Mozilla Thunderbird A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. | 9.8 |
| 2019-04-26 | CVE-2018-18509 | Improper Verification of Cryptographic Signature vulnerability in Mozilla Thunderbird A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. | 5.3 |
| 2019-02-28 | CVE-2018-18499 | Origin Validation Error vulnerability in Mozilla Firefox A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). | 6.5 |
| 2019-02-28 | CVE-2018-18498 | Integer Overflow or Wraparound vulnerability in multiple products A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. | 9.8 |
| 2019-02-28 | CVE-2018-18494 | Origin Validation Error vulnerability in multiple products A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). | 6.5 |
| 2019-02-28 | CVE-2018-18493 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. | 9.8 |
| 2019-02-28 | CVE-2018-18492 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. | 9.8 |
| 2019-02-28 | CVE-2018-12405 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. | 9.8 |
| 2019-02-28 | CVE-2018-12393 | Integer Overflow or Wraparound vulnerability in multiple products A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. | 7.5 |