Vulnerabilities > Mozilla > Thunderbird > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-29 | CVE-2024-10465 | Authentication Bypass by Spoofing vulnerability in Mozilla Thunderbird A clipboard "paste" button could persist across tabs which allowed a spoofing attack. | 6.5 |
2024-10-29 | CVE-2024-10468 | Race Condition vulnerability in Mozilla Firefox Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. | 5.3 |
2024-10-01 | CVE-2024-9397 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. | 6.1 |
2024-10-01 | CVE-2024-9398 | Unspecified vulnerability in Mozilla Firefox By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. | 5.3 |
2024-09-06 | CVE-2024-8394 | Use After Free vulnerability in Mozilla Thunderbird When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. | 6.5 |
2024-08-06 | CVE-2024-7518 | Unspecified vulnerability in Mozilla Firefox Select options could obscure the fullscreen notification dialog. | 6.5 |
2024-08-06 | CVE-2024-7526 | Use of Uninitialized Resource vulnerability in Mozilla Firefox ANGLE failed to initialize parameters which lead to reading from uninitialized memory. | 6.5 |
2024-08-06 | CVE-2024-7529 | Unspecified vulnerability in Mozilla Firefox The date picker could partially obscure security prompts. | 6.5 |
2024-07-09 | CVE-2024-6608 | Unspecified vulnerability in Mozilla Firefox It was possible to move the cursor using pointerlock from an iframe. | 4.3 |
2024-07-09 | CVE-2024-6610 | Unspecified vulnerability in Mozilla Firefox Form validation popups could capture escape key presses. | 4.3 |