VYPR

Thunderbird

by Mozilla Corporation

Source repositories

CVEs (1,864)

  • CVE-2018-5125HigJun 11, 2018
    risk 0.57cvss 8.8epss 0.02

    Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox…

  • CVE-2017-7846HigJun 11, 2018
    risk 0.57cvss 8.8epss 0.02

    It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.

  • CVE-2017-7845HigJun 11, 2018
    risk 0.57cvss 8.8epss 0.03

    A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This…

  • CVE-2017-7752HigJun 11, 2018
    risk 0.57cvss 8.8epss 0.02

    A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects…

  • CVE-2017-5436HigJun 11, 2018
    risk 0.57cvss 8.8epss 0.02

    An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1,…

  • CVE-2016-9905HigJun 11, 2018
    risk 0.57cvss 8.8epss 0.02

    A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.

  • CVE-2016-5272HigSep 22, 2016
    risk 0.57cvss 8.8epss 0.02

    The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a…

  • CVE-2016-1974HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted…

  • CVE-2016-1966HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via…

  • CVE-2016-1964HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.

  • CVE-2016-1961HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.

  • CVE-2016-1954HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.02

    The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a…

  • CVE-2016-1953HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and…

  • CVE-2016-1952HigMar 13, 2016
    risk 0.57cvss 8.8epss 0.03

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

  • CVE-2014-1497HigMar 19, 2014
    risk 0.57cvss 8.8epss 0.03

    The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service…

  • CVE-2026-8958HigMay 19, 2026
    risk 0.56cvss 8.6epss 0.00

    Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

  • CVE-2026-4690HigMar 24, 2026
    risk 0.56cvss 8.6epss 0.01

    Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4687HigMar 24, 2026
    risk 0.56cvss 8.6epss 0.01

    Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2025-6432HigJun 24, 2025
    risk 0.56cvss 8.6epss 0.00

    When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability was fixed in Firefox 140 and Thunderbird 140.

  • CVE-2023-4576HigSep 11, 2023
    risk 0.56cvss 8.6epss 0.01

    On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*…

Page 26 of 94