Mozilla

Thunderbird

1660 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2014-1531

Exploit
  • EPSS 5.09%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co...

9.8

CVE-2014-1532

Exploit
  • EPSS 4.89%
  • Veröffentlicht 30.04.2014 10:49:05
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute a...

9.3

CVE-2014-1518

Exploit
  • EPSS 2.82%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and app...

6.5

CVE-2014-1523

  • EPSS 0.54%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and applicat...

9.8

CVE-2014-1524

Exploit
  • EPSS 6.41%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers...

9.3

CVE-2014-1529

Exploit
  • EPSS 1.32%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 25.11.2025 17:50:16

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code i...

10

CVE-2014-1493

Exploit
  • EPSS 1.47%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and app...

5.5

CVE-2014-1496

Exploit
  • EPSS 0.06%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 25.11.2025 17:50:16

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.

8.8

CVE-2014-1497

Exploit
  • EPSS 0.5%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 25.11.2025 17:50:16

The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause...

7.5

CVE-2014-1505

Exploit
  • EPSS 0.58%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 25.11.2025 17:50:16

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the S...