CVE-2019-18511 | High | Yes | Same-origin policy bypass | An issue has been found in Thunderbird before 60.7.0, where cross-origin images can be read from a canvas element in violation of the same-origin policy...
CVE-2019-11698 | Medium | Yes | Information disclosure | If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar in Firefox before 67.0 or Thunderbird before 60.7.0, and the resulting bookmark...
CVE-2019-11693 | Critical | Yes | Arbitrary code execution | The bufferdata function in WebGL in Firefox before 67.0 and Thunderbird before 60.7.0 is vulnerable to a buffer overflow with specific graphics drivers on...
CVE-2019-11692 | Critical | Yes | Arbitrary code execution | A use-after-free vulnerability can occur in Firefox before 67.0 and Thunderbird before 60.7.0, when listeners are removed from the event listener manager...
CVE-2019-11691 | Critical | Yes | Arbitrary code execution | A use-after-free vulnerability can occur in Firefox before 67.0 and Thunderbird before 60.7.0, when working with XMLHttpRequest (XHR) in an event loop,...
CVE-2019-9819 | Critical | Yes | Arbitrary code execution | A vulnerability where a JavaScript compartment mismatch can occur in Firefox before 67.0 and Thunderbird before 60.7.0, while working with the fetch API,...
CVE-2019-9817 | High | Yes | Same-origin policy bypass | In Firefox before 67.0 and Thunderbird before 60.7.0, images from a different domain can be read using a canvas object in some circumstances. This could be...
CVE-2019-9816 | High | Yes | Access restriction bypass | A possible vulnerability exists in Firefox before 67.0 and Thunderbird before 60.7.0, where type confusion can occur when manipulating JavaScript objects in...
CVE-2019-9800 | Critical | Yes | Arbitrary code execution | Several memory safety bugs have been found in Firefox before 67.0 and Thunderbird before 60.7.0. Some of these bugs showed evidence of memory corruption and...
CVE-2019-7317 | Low | No | Denial of service | png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2019-5798 | Medium | Yes | Information disclosure | An out-of-bounds read has been found in the Skia component of the chromium browser before 73.0.3683.75 and Thunderbird before 60.7.0.