CVE-2018-12374 |
Low |
Yes |
Information disclosure |
A security issue has been found in Thunderbird before 52.9, where plaintext of decrypted emails can leak through by user submitting an embedded form by... |
CVE-2018-12373 |
High |
Yes |
Information disclosure |
A security issue has been found in Thunderbird before 52.9, where S/MIME parts hidden with CSS or <plaintext> can leak plaintext when included in a HTML... |
CVE-2018-12372 |
High |
Yes |
Information disclosure |
A security issue has been found in Thunderbird before 52.9, where decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext... |
CVE-2018-12366 |
Medium |
Yes |
Information disclosure |
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value, in Firefox before 61.0... |
CVE-2018-12365 |
Medium |
No |
Information disclosure |
A security issue has been found in Firefox before 61.0 and Thunderbird before 52.9 where a compromised IPC child process can escape the content sandbox and... |
CVE-2018-12364 |
High |
Yes |
Cross-site request forgery |
A security issue has been found in Firefox before 61.0 and Thunderbird before 52.9, where NPAPI plugins, such as Adobe Flash, can send non- simple... |
CVE-2018-12363 |
High |
Yes |
Arbitrary code execution |
A use-after-free vulnerability can occur in Firefox before 61.0 and Thunderbird before 52.9 when script uses mutation events to move DOM nodes between... |
CVE-2018-12362 |
High |
Yes |
Arbitrary code execution |
An integer overflow can occur in Firefox before 61.0 and Thunderbird before 52.9 during graphics operations done by the Supplemental Streaming SIMD... |
CVE-2018-12360 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free vulnerability can occur in Firefox before 61.0 and Thunderbird before 52.9 when deleting an input element during a mutation event handler... |
CVE-2018-12359 |
Critical |
Yes |
Arbitrary code execution |
A buffer overflow can occur in Firefox before 61.0 and Thunderbird before 52.9 when rendering canvas content while adjusting the height and width of the... |
CVE-2018-5188 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety bugs have been found in Firefox before 61.0 and Thunderbird before 52.9. Some of these bugs showed evidence of memory corruption and... |