Vulnerabilities > Mozilla > Thunderbird > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-29 CVE-2024-10465 Authentication Bypass by Spoofing vulnerability in Mozilla Thunderbird
A clipboard "paste" button could persist across tabs which allowed a spoofing attack.
network
low complexity
mozilla CWE-290
6.5
2024-10-29 CVE-2024-10468 Race Condition vulnerability in Mozilla Firefox
Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash.
network
high complexity
mozilla CWE-362
5.3
2024-10-01 CVE-2024-9397 Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox
A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking.
network
low complexity
mozilla CWE-1021
6.1
2024-10-01 CVE-2024-9398 Unspecified vulnerability in Mozilla Firefox
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed.
network
low complexity
mozilla
5.3
2024-09-06 CVE-2024-8394 Use After Free vulnerability in Mozilla Thunderbird
When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash.
network
low complexity
mozilla CWE-416
6.5
2024-08-06 CVE-2024-7518 Unspecified vulnerability in Mozilla Firefox
Select options could obscure the fullscreen notification dialog.
network
low complexity
mozilla
6.5
2024-08-06 CVE-2024-7526 Use of Uninitialized Resource vulnerability in Mozilla Firefox
ANGLE failed to initialize parameters which lead to reading from uninitialized memory.
network
low complexity
mozilla CWE-908
6.5
2024-08-06 CVE-2024-7529 Unspecified vulnerability in Mozilla Firefox
The date picker could partially obscure security prompts.
network
low complexity
mozilla
6.5
2024-07-09 CVE-2024-6608 Unspecified vulnerability in Mozilla Firefox
It was possible to move the cursor using pointerlock from an iframe.
network
low complexity
mozilla
4.3
2024-07-09 CVE-2024-6610 Unspecified vulnerability in Mozilla Firefox
Form validation popups could capture escape key presses.
network
low complexity
mozilla
4.3