14 matches found
Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3295 (ALAS-2026-3295)
The version of thunderbird installed on the remote host is prior to 140.10.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3295 advisory. Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fix...
Mozilla Thunderbird < 140.9.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-29 advisory. - Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and...
CVE-2026-4723
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...
Mozilla Thunderbird < 1.5.0.7
The version of Thunderbird installed on the remote Windows host is prior to 1.5.0.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2006-57 advisory. - https://bugzilla.mozilla.org/showbug.cgi?id=346794CVE-2006-4566 CVE-2006-4566 -...
Mozilla Thunderbird < 52.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-13 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex...
Mozilla Thunderbird < 142.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 142.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-70 advisory. - Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of...
Linux Distros Unpatched Vulnerability : CVE-2025-6433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would ...
Linux Distros Unpatched Vulnerability : CVE-2019-11709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory...
SUSE CVE-2024-6610
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox 128 and Thunderbird 128...
CVE-2023-5727
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...
SUSE CVE-2020-12397
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird 68.8.0...
SUSE CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...
CVE-2022-46875
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...
Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects...