Vulnerabilities > Mozilla > Thunderbird
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-5721 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. | 4.3 |
| 2023-10-25 | CVE-2023-5724 | Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. | 7.5 |
| 2023-10-25 | CVE-2023-5725 | A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. | 4.3 |
| 2023-10-25 | CVE-2023-5726 | Unspecified vulnerability in Mozilla Firefox A website could have obscured the full screen notification by using the file open dialog. | 4.3 |
| 2023-10-25 | CVE-2023-5727 | Unspecified vulnerability in Mozilla Firefox The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. | 6.5 |
| 2023-10-25 | CVE-2023-5728 | During garbage collection extra operations were performed on a object that should not be. | 7.5 |
| 2023-10-25 | CVE-2023-5730 | Out-of-bounds Write vulnerability in multiple products Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. | 9.8 |
| 2023-10-25 | CVE-2023-5732 | An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. | 6.5 |
| 2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity webmproject microsoft mozilla fedoraproject debian apple google redhat CWE-787 | 8.8 |
| 2023-09-27 | CVE-2023-5168 | Out-of-bounds Write vulnerability in Mozilla Firefox A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. | 9.8 |