Mozilla

Thunderbird

1567 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-8387

  • EPSS 0.4%
  • Veröffentlicht 03.09.2024 13:15:05
  • Zuletzt bearbeitet 06.09.2024 17:15:18

Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vu...

9.6

CVE-2024-7519

  • EPSS 0.23%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:04:20

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, T...

8.8

CVE-2024-7520

  • EPSS 0.44%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 24.03.2025 17:15:19

A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.

8.8

CVE-2024-7521

  • EPSS 0.19%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:05:10

Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

8.8

CVE-2024-7522

  • EPSS 0.18%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:06:05

Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

8.1

CVE-2024-7525

  • EPSS 0.1%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:07:19

It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 12...

6.5

CVE-2024-7526

  • EPSS 0.2%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 17.09.2024 19:15:28

ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128....

8.8

CVE-2024-7527

  • EPSS 0.16%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 18.03.2025 19:15:47

Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

8.8

CVE-2024-7528

  • EPSS 0.18%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:10:00

Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.

6.5

CVE-2024-7529

  • EPSS 0.11%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:09:09

The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and ...