Vulnerabilities > Mozilla > Thunderbird > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-07 | CVE-2020-26971 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. | 8.8 |
| 2020-12-09 | CVE-2020-26970 | Out-of-bounds Write vulnerability in Mozilla Thunderbird When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. | 8.8 |
| 2020-12-09 | CVE-2020-26968 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. | 8.8 |
| 2020-12-09 | CVE-2020-26960 | Use After Free vulnerability in Mozilla Firefox If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. | 8.8 |
| 2020-12-09 | CVE-2020-26959 | Use After Free vulnerability in Mozilla Firefox During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. | 8.8 |
| 2020-12-09 | CVE-2020-26950 | Use After Free vulnerability in Mozilla Firefox ESR In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. | 8.8 |
| 2020-10-01 | CVE-2020-15670 | Reachable Assertion vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers reported memory safety bugs present in Firefox for Android 79. | 8.8 |
| 2020-10-01 | CVE-2020-15669 | Use After Free vulnerability in Mozilla Firefox ESR When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. | 8.8 |
| 2020-10-01 | CVE-2020-15663 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. | 8.8 |
| 2020-10-01 | CVE-2020-15678 | Use After Free vulnerability in multiple products When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. | 8.8 |