EUVD-2005-0591

Malware in sbrugna...

EUVD-2022-34483

Malicious code in bioql PyPI...

CVE-2025-3034

Memory safety bugs present in Firefox 136 and Thunderbird 136. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

Thundirbird -- unprivileged JavaScript code execution

[email protected] reports: The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the Other field of the Instant Messaging section. If another user...

MGASA-2023-0057 Updated thunderbird packages fix security vulnerability

User Interface lockup with messages combining S/MIME and OpenPGP. CVE-2023-0616 Content security policy leak in violation reports using iframes. CVE-2023-25728 Screen hijack via browser fullscreen mode. CVE-2023-25730 Arbitrary memory write via PKCS 12 in NSS. CVE-2023-0767 Potential use-after-fr...

Remote Code Execution (RCE)

thunderbird is vulnerable to remote code execution. The vulnerability exists due to the lack of sanitization of the execution context which allows Javascript to be enabled in the composition area...