Thunderbird

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-28	CVE-2018-12390	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. network low complexity mozilla debian canonical redhat CWE-119 critical	9.8
2019-02-28	CVE-2018-12389	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. network low complexity mozilla debian canonical redhat CWE-119	8.8
2019-02-05	CVE-2018-18505	Improper Authentication vulnerability in multiple products An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. network low complexity mozilla canonical debian redhat CWE-287 critical	10.0
2019-02-05	CVE-2018-18501	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. network low complexity mozilla canonical debian redhat CWE-119 critical	9.8
2019-02-05	CVE-2018-18500	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. network low complexity mozilla canonical debian redhat CWE-416 critical	9.8
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	5.3
2018-10-18	CVE-2018-5188	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. network low complexity debian canonical mozilla redhat CWE-119 critical	9.8
2018-10-18	CVE-2018-5187	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 60 and Firefox ESR 60. network low complexity debian canonical mozilla CWE-119 critical	9.8
2018-10-18	CVE-2018-5156	Improper Input Validation vulnerability in multiple products A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. network low complexity redhat debian canonical mozilla CWE-20 critical	9.8
2018-10-18	CVE-2018-12385	Improper Input Validation vulnerability in multiple products A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. local high complexity redhat debian canonical mozilla CWE-20	7.0