Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla thunderbird 8.0 vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2019-9811
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird <...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 8.0
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Leap 15.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2019-11717
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbi...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 8.0
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Leap 15.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2016-9897
Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
5
CVSSv2
CVE-2017-7805
During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leav...
Mozilla Firefox 56.0
Mozilla Firefox Esr 52.4.0
Mozilla Thunderbird 52.4.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-7829
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2.
Mozilla Thunderbird
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Aus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2017-7763
Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability ...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5
CVSSv2
CVE-2017-7787
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox...
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.3
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
5
CVSSv2
CVE-2017-5462
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28....
Debian Debian Linux 8.0
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Mozilla Network Security Services
Mozilla Firefox Esr 52.0
5
CVSSv2
CVE-2016-10197
The search_make_new function in evdns.c in libevent prior to 2.1.6-beta allows malicious users to cause a denial of service (out-of-bounds read) via an empty hostname.
Debian Debian Linux 8.0
Libevent Project Libevent
5
CVSSv2
CVE-2014-1505
The SVG filter implementation in Mozilla Firefox prior to 28.0, Firefox ESR 24.x prior to 24.4, Thunderbird prior to 24.4, and SeaMonkey prior to 2.25 allows remote malicious users to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Polic...
Mozilla Seamonkey
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Eus 6.5
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.5
Opensuse Opensuse 12.3
Opensuse Opensuse 11.4
Suse Suse Linux Enterprise Server 11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »