CVE-2025-1016
- EPSS 0.57%
- Veröffentlicht 04.02.2025 14:15:32
- Zuletzt bearbeitet 13.04.2026 15:16:50
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...
CVE-2025-1017
- EPSS 0.56%
- Veröffentlicht 04.02.2025 14:15:32
- Zuletzt bearbeitet 13.04.2026 15:16:50
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitr...
CVE-2025-1018
- EPSS 0.4%
- Veröffentlicht 04.02.2025 14:15:32
- Zuletzt bearbeitet 13.04.2026 15:16:50
The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability was fixed in Firefox 135 and Thunderbird 135.
CVE-2025-1019
- EPSS 0.35%
- Veröffentlicht 04.02.2025 14:15:32
- Zuletzt bearbeitet 13.04.2026 15:16:51
The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability was fixed in Firefox 135 and Thunderbird 135.
CVE-2025-1020
- EPSS 0.52%
- Veröffentlicht 04.02.2025 14:15:32
- Zuletzt bearbeitet 13.04.2026 15:16:51
Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed ...
CVE-2025-0510
- EPSS 0.23%
- Veröffentlicht 04.02.2025 14:15:31
- Zuletzt bearbeitet 13.04.2026 15:16:35
Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability was fixed in Thunderbird 128.7 and Thunderbird 135.
CVE-2025-1009
- EPSS 1.2%
- Veröffentlicht 04.02.2025 14:15:31
- Zuletzt bearbeitet 13.04.2026 15:16:47
An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.
CVE-2025-1010
- EPSS 0.45%
- Veröffentlicht 04.02.2025 14:15:31
- Zuletzt bearbeitet 13.04.2026 15:16:49
An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.
CVE-2025-1011
- EPSS 0.63%
- Veröffentlicht 04.02.2025 14:15:31
- Zuletzt bearbeitet 13.04.2026 15:16:49
A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird ...
CVE-2025-0247
- EPSS 9.35%
- Veröffentlicht 07.01.2025 16:15:39
- Zuletzt bearbeitet 13.04.2026 15:16:35
Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed ...