Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla thunderbird vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5730
Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox &l...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2023-5732
An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.8
CVSSv3
CVE-2023-5217
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome before 117.0.5938.132 and libvpx 1.13.1 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Webmproject Libvpx
Microsoft Edge 116.0.1938.98
Microsoft Edge 117.0.2045.47
Microsoft Edge Chromium 116.0.5845.229
Microsoft Edge Chromium 117.0.5938.132
Mozilla Firefox Focus
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Apple Iphone Os
Apple Ipad Os
Apple Ipad Os 16.7
Apple Iphone Os 16.7
2 Github repositories
5 Articles
9.8
CVSSv3
CVE-2023-5168
A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This v...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.5
CVSSv3
CVE-2023-5169
A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird <...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 39
6.5
CVSSv3
CVE-2023-5171
During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an malicious user to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < ...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 39
9.8
CVSSv3
CVE-2023-5176
Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox &l...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
9.8
CVSSv3
CVE-2023-5174
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on Windows when run in non-standard configurations (su...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
7.5
CVSSv3
CVE-2023-43669
The Tungstenite crate prior to 0.20.1 for Rust allows remote malicious users to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted (e.g., thousands of ...
Snapview Tungstenite
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
8.8
CVSSv3
CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome before 116.0.5845.187 and libwebp 1.3.2 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Microsoft Edge
Webmproject Libwebp
20 Github repositories
5 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »