Mozilla

Thunderbird

1542 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-32205

  • EPSS 0.14%
  • Published 02.06.2023 17:15:13
  • Last modified 21.11.2024 08:02:53

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.1...

6.5

CVE-2023-32206

  • EPSS 0.15%
  • Published 02.06.2023 17:15:13
  • Last modified 21.11.2024 08:02:54

An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

8.8

CVE-2023-32207

  • EPSS 0.19%
  • Published 02.06.2023 17:15:13
  • Last modified 31.01.2025 16:15:29

A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

6.5

CVE-2023-32211

  • EPSS 0.15%
  • Published 02.06.2023 17:15:13
  • Last modified 21.11.2024 08:02:54

A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

4.3

CVE-2023-32212

  • EPSS 0.14%
  • Published 02.06.2023 17:15:13
  • Last modified 27.05.2025 17:15:24

An attacker could have positioned a `datalist` element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

8.8

CVE-2023-32213

  • EPSS 0.18%
  • Published 02.06.2023 17:15:13
  • Last modified 21.11.2024 08:02:54

When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

8.8

CVE-2023-32215

  • EPSS 0.2%
  • Published 02.06.2023 17:15:13
  • Last modified 27.05.2025 17:15:24

Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs sh...

8.8

CVE-2023-28162

  • EPSS 0.12%
  • Published 02.06.2023 17:15:12
  • Last modified 09.01.2025 16:15:34

While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

6.5

CVE-2023-28163

  • EPSS 0.23%
  • Published 02.06.2023 17:15:12
  • Last modified 09.01.2025 16:15:34

When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other ve...

6.5

CVE-2023-28164

  • EPSS 0.08%
  • Published 02.06.2023 17:15:12
  • Last modified 09.01.2025 15:15:12

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.