Vulnerabilities > Mozilla > Thunderbird
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-11 | CVE-2023-4577 | Unspecified vulnerability in Mozilla Thunderbird When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. | 6.5 |
2023-09-11 | CVE-2023-4578 | Allocation of Resources Without Limits or Throttling vulnerability in Mozilla Thunderbird When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. | 6.5 |
2023-09-11 | CVE-2023-4580 | Missing Encryption of Sensitive Data vulnerability in Mozilla Thunderbird Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. | 6.5 |
2023-09-11 | CVE-2023-4581 | Unspecified vulnerability in Mozilla Thunderbird Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. | 4.3 |
2023-09-11 | CVE-2023-4582 | Classic Buffer Overflow vulnerability in Mozilla Firefox Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. | 8.8 |
2023-09-11 | CVE-2023-4583 | Unspecified vulnerability in Mozilla Thunderbird When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. | 7.5 |
2023-09-11 | CVE-2023-4584 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. | 8.8 |
2023-09-11 | CVE-2023-4585 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. | 8.8 |
2023-09-11 | CVE-2023-4573 | Use After Free vulnerability in Mozilla Thunderbird When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. | 6.5 |
2023-07-24 | CVE-2023-3417 | Thunderbird allowed the Text Direction Override Unicode Character in filenames. | 7.5 |