Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mozilla Subscribe
Filtered by product Thunderbird
Total 1221 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7757 2 Debian, Mozilla 4 Debian Linux, Firefox, Firefox Esr and 1 more 2018-08-08 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-7756 2 Debian, Mozilla 4 Debian Linux, Firefox, Firefox Esr and 1 more 2018-08-08 7.5 HIGH 9.8 CRITICAL
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-5465 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5469 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5464 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5460 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5459 3 Debian, Mozilla, Redhat 9 Debian Linux, Firefox, Firefox Esr and 6 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5446 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5447 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5445 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 5.0 MEDIUM 7.5 HIGH
A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5444 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 5.0 MEDIUM 7.5 HIGH
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5443 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5442 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5441 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5440 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5439 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5438 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5435 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5436 4 Debian, Mozilla, Redhat and 1 more 11 Debian Linux, Firefox, Firefox Esr and 8 more 2018-08-07 6.8 MEDIUM 8.8 HIGH
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5434 3 Debian, Mozilla, Redhat 7 Debian Linux, Firefox, Firefox Esr and 4 more 2018-08-07 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.