Vulnerabilities > Mozilla > Thunderbird > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-11 | CVE-2023-4584 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. | 8.8 |
| 2023-09-11 | CVE-2023-4585 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. | 8.8 |
| 2023-07-24 | CVE-2023-3417 | Thunderbird allowed the Text Direction Override Unicode Character in filenames. | 7.5 |
| 2023-07-12 | CVE-2023-3600 | Use After Free vulnerability in Mozilla Firefox During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. | 8.8 |
| 2023-07-05 | CVE-2023-37211 | Out-of-bounds Write vulnerability in multiple products Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. | 8.8 |
| 2023-07-05 | CVE-2023-37201 | Use After Free vulnerability in multiple products An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. | 8.8 |
| 2023-07-05 | CVE-2023-37202 | Use After Free vulnerability in multiple products Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. | 8.8 |
| 2023-07-05 | CVE-2023-37208 | When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. | 7.8 |
| 2023-06-19 | CVE-2023-32214 | Unspecified vulnerability in Mozilla Firefox Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service. *Note: This attack only affects Windows. | 7.5 |
| 2023-06-02 | CVE-2023-0767 | Unspecified vulnerability in Mozilla Firefox ESR An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. | 8.8 |