Vulnerabilities > Mozilla > Thunderbird > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-10-22 CVE-2020-15683 Use After Free vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3.
network
low complexity
mozilla debian opensuse CWE-416
critical
 9.8
9.8
2020-05-26 CVE-2020-6831 Out-of-bounds Write vulnerability in multiple products
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC.
network
low complexity
mozilla canonical debian opensuse CWE-787
critical
 9.8
9.8
2020-05-26 CVE-2020-12395 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7.
network
low complexity
mozilla canonical CWE-787
critical
 9.8
9.8
2020-04-24 CVE-2020-6825 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6.
network
low complexity
mozilla CWE-787
critical
 9.8
9.8
2020-03-25 CVE-2020-6814 Out-of-bounds Write vulnerability in multiple products
Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5.
network
low complexity
mozilla canonical CWE-787
critical
 9.8
9.8
2019-07-23 CVE-2019-11691 Use After Free vulnerability in Mozilla Thunderbird
A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed.
network
low complexity
mozilla CWE-416
critical
 9.8
9.8
2019-07-23 CVE-2019-11692 Use After Free vulnerability in Mozilla Firefox
A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash.
network
low complexity
mozilla CWE-416
critical
 9.8
9.8
2019-07-23 CVE-2019-11693 Out-of-bounds Write vulnerability in Mozilla Firefox
The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux.
network
low complexity
mozilla CWE-787
critical
 9.8
9.8
2019-07-23 CVE-2019-11703 Out-of-bounds Write vulnerability in Mozilla Thunderbird
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash.
network
low complexity
mozilla CWE-787
critical
 9.8
9.8
2019-07-23 CVE-2019-11704 Out-of-bounds Write vulnerability in Mozilla Thunderbird
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash.
network
low complexity
mozilla CWE-787
critical
 9.8
9.8