Max CVSS 9.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-12421 4.3
When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the u
30-01-2023 - 17:21 09-07-2020 - 15:15
CVE-2020-12419 9.3
When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability
27-01-2023 - 17:02 09-07-2020 - 15:15
CVE-2020-12418 4.3
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
27-01-2023 - 16:57 09-07-2020 - 15:15
CVE-2020-12420 9.3
When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird
03-05-2022 - 13:00 09-07-2020 - 15:15
CVE-2020-12417 9.3
Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability af
03-05-2022 - 13:00 09-07-2020 - 15:15
CVE-2020-15646 4.3
If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a s
21-07-2021 - 11:39 08-10-2020 - 14:15
Back to Top Mark selected
Back to Top