Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla thunderbird 8.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-12361
An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird <...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
6.8
CVSSv2
CVE-2017-7814
File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into download...
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 6.0
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2016-9905
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 7.0
Debian Debian Linux 8.0
Mozilla Firefox Esr
Mozilla Thunderbird
6.8
CVSSv2
CVE-2015-0831
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 allows remote malicious users to execute arbitrary code or cause a denial of service (...
Mozilla Thunderbird
Mozilla Thunderbird 31.3
Mozilla Thunderbird 31.0
Mozilla Thunderbird 31.2
Mozilla Thunderbird 31.1.2
Mozilla Firefox 33.0
Mozilla Firefox 32.0
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
1 Article
6.8
CVSSv2
CVE-2014-1497
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox prior to 28.0, Firefox ESR 24.x prior to 24.4, Thunderbird prior to 24.4, and SeaMonkey prior to 2.25 allows remote malicious users to obtain sensitive information from process heap memory, cause a denial of ser...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 11
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.5
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Eus 6.5
6.8
CVSSv2
CVE-2012-3978
The nsLocation::CheckURL function in Mozilla Firefox prior to 15.0, Firefox ESR 10.x prior to 10.0.7, Thunderbird prior to 15.0, Thunderbird ESR 10.x prior to 10.0.7, and SeaMonkey prior to 2.12 does not properly follow the security model of the location object, which allows remo...
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0.6
Mozilla Thunderbird Esr 10.0.1
Mozilla Thunderbird Esr 10.0.2
Mozilla Thunderbird Esr 10.0.5
Mozilla Thunderbird Esr 10.0
Mozilla Thunderbird Esr 10.0.6
Mozilla Thunderbird Esr 10.0.3
Mozilla Thunderbird Esr 10.0.4
Mozilla Firefox 13.0
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 6.0
Mozilla Firefox 4.0
Mozilla Firefox 12.0
Mozilla Firefox 11.0
6.8
CVSSv2
CVE-2012-1955
Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 allow remote malicious users to spoof the address bar via vectors involving history.forward ...
Mozilla Firefox 4.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 13.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 9.0
Mozilla Firefox 11.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 12.0
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
6.4
CVSSv2
CVE-2014-1508
The libxul.so!gfxContext::Polygon function in Mozilla Firefox prior to 28.0, Firefox ESR 24.x prior to 24.4, Thunderbird prior to 24.4, and SeaMonkey prior to 2.25 allows remote malicious users to obtain sensitive information from process memory, cause a denial of service (out-of...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.5
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Eus 6.5
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
6.4
CVSSv2
CVE-2012-1950
The drag-and-drop implementation in Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 allows remote malicious users to spoof the address bar by canceling a page load.
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
6.4
CVSSv2
CVE-2012-0460
Mozilla Firefox 4.x up to and including 10.0, Firefox ESR 10.x prior to 10.0.3, Thunderbird 5.0 up to and including 10.0, Thunderbird ESR 10.x prior to 10.0.3, and SeaMonkey prior to 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote ma...
Mozilla Firefox 4.0
Mozilla Firefox 5.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.1
Mozilla Firefox Esr 10.2
Mozilla Thunderbird 5.0
Mozilla Thunderbird 6.0
Mozilla Thunderbird 9.0.1
Mozilla Thunderbird 7.0
Mozilla Thunderbird 7.0.1
Mozilla Thunderbird 6.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »