Homepage

thunderbird vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the thunderbird package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Exposure of Private Information ('Privacy Violation')

*
  • H
Cross-site Scripting (XSS)

*
  • M
Out-of-bounds Read

*
  • L
Algorithmic Complexity

*
  • M
Out-of-bounds Read

*
  • L
Authentication Bypass

<0:140.5.0-2.el10_1
  • L
Authentication Bypass

<0:140.5.0-1.el10_0
  • M
Origin Validation Error

<0:140.5.0-2.el10_1
  • M
Origin Validation Error

<0:140.5.0-1.el10_0
  • M
Cross-site Scripting (XSS)

<0:140.5.0-2.el10_1
  • M
Cross-site Scripting (XSS)

<0:140.5.0-1.el10_0
  • M
Expired Pointer Dereference

<0:140.5.0-2.el10_1
  • M
Expired Pointer Dereference

<0:140.5.0-1.el10_0
  • M
Cross-site Scripting (XSS)

<0:140.5.0-2.el10_1
  • M
Cross-site Scripting (XSS)

<0:140.5.0-1.el10_0
  • M
Trust Boundary Violation

<0:140.5.0-2.el10_1
  • M
Trust Boundary Violation

<0:140.5.0-1.el10_0
  • M
Expired Pointer Dereference

<0:140.5.0-2.el10_1
  • M
Expired Pointer Dereference

<0:140.5.0-1.el10_0
  • H
Out-of-bounds Write

<0:140.5.0-2.el10_1
  • H
Out-of-bounds Write

<0:140.5.0-1.el10_0
  • H
Race Condition

<0:140.5.0-2.el10_1
  • H
Race Condition

<0:140.5.0-1.el10_0
  • M
Integer Overflow or Wraparound

*
  • H
Exposure of System Data to an Unauthorized Control Sphere

<0:140.4.0-2.el10_0
  • H
Out-of-bounds Read

<0:140.4.0-2.el10_0
  • H
Improper Access Control

<0:140.4.0-2.el10_0
  • M
Interpretation Conflict

<0:140.4.0-2.el10_0
  • H
Out-of-Bounds

<0:140.4.0-2.el10_0
  • H
Use After Free

<0:140.4.0-2.el10_0
  • H
Out-of-Bounds

<0:140.4.0-2.el10_0
  • M
Out-of-bounds Read

<0:140.3.0-1.el10_0
  • H
Access of Uninitialized Pointer

<0:140.3.0-1.el10_0
  • L
CVE-2025-10536

<0:140.3.0-1.el10_0
  • H
Use After Free

<0:140.3.0-1.el10_0
  • M
Integer Overflow or Wraparound

<0:140.3.0-1.el10_0
  • H
CVE-2025-10537

<0:140.3.0-1.el10_0
  • M
CVE-2025-10529

<0:140.3.0-1.el10_0
  • M
Allocation of Resources Without Limits or Throttling

*
  • L
Resource Exhaustion

<0:128.14.0-3.el10_0
  • L
Improper Neutralization

*
  • M
Information Exposure Through Caching

*
  • M
Improper Input Validation

*
  • M
Improper Initialization

<0:128.14.0-3.el10_0
  • H
Out-of-Bounds

<0:128.14.0-3.el10_0
  • H
Out-of-Bounds

<0:128.14.0-3.el10_0
  • H
Information Exposure

<0:128.14.0-3.el10_0
  • L
Improper Encoding or Escaping of Output

*
  • M
Resource Exhaustion

*
  • M
Arbitrary Code Injection

<0:128.13.0-3.el10_0
  • M
Incorrect Default Permissions

<0:128.13.0-3.el10_0
  • M
Cross-site Scripting (XSS)

<0:128.13.0-3.el10_0
  • H
Out-of-Bounds

<0:128.13.0-3.el10_0
  • M
Protection Mechanism Failure

<0:128.13.0-3.el10_0
  • H
Use of Uninitialized Variable

<0:128.13.0-3.el10_0
  • L
NULL Pointer Dereference

<0:128.13.0-3.el10_0
  • H
Insufficient Protection Against Instruction Skipping Via Fault Injection

<0:128.13.0-3.el10_0
  • H
Out-of-Bounds

<0:128.13.0-3.el10_0
  • M
Integer Overflow or Wraparound

*
  • H
Numeric Truncation Error

*
  • L
Missing Synchronization

*
  • L
NULL Pointer Dereference

*
  • L
User Interface (UI) Misrepresentation of Critical Information

*
  • L
Out-of-bounds Read

*
  • L
Double Free

*
  • L
Race Condition

*
  • L
Improper Validation of Specified Quantity in Input

*
  • L
Open Redirect

*
  • L
Uncontrolled Memory Allocation

*
  • L
Improper Check for Unusual or Exceptional Conditions

*
  • L
Information Exposure

*
  • M
Exposure of System Data to an Unauthorized Control Sphere

*
  • M
Information Exposure

*
  • M
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Use After Free

*
  • M
Out-of-Bounds

*
  • M
Buffer Overflow

*
  • M
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Use After Free

*
  • M
Buffer Overflow

*
  • M
Out-of-Bounds

*
  • M
Use After Free

*
  • M
Open Redirect

*
  • M
Out-of-Bounds

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • H
Buffer Overflow

*
  • H
Buffer Overflow

*
  • H
Buffer Overflow

*
  • H
Use After Free

*
  • H
Buffer Overflow

*
  • H
Arbitrary Code Injection

*
  • H
Arbitrary Code Injection

*
  • H
Buffer Overflow

*
  • H
Buffer Overflow

*
  • H
Buffer Overflow

*
  • H
Buffer Overflow

*
  • M
HTTP Request Smuggling

*
  • L
HTTP Request Smuggling

*
  • M
Information Exposure

<0:128.12.0-1.el10_0
  • M
Cross-site Scripting (XSS)

<0:128.12.0-1.el10_0
  • H
Use After Free

<0:128.12.0-1.el10_0
  • M
Use of Incorrectly-Resolved Name or Reference

<0:128.12.0-1.el10_0
  • H
Resource Exhaustion

<0:128.12.0-1.el10_0
  • L
Improper Input Validation

*
  • L
Improper Resource Shutdown or Release

*
  • L
Use After Free

*
  • L
Reachable Assertion

*
  • H
Double Free

<0:128.11.0-1.el10_0
  • L
Information Exposure

*
  • M
User Interface (UI) Misrepresentation of Critical Information

*
  • H
Buffer Overflow

*
  • M
Improper Encoding or Escaping of Output

<0:128.11.0-1.el10_0
  • M
Inclusion of Functionality from Untrusted Control Sphere

<0:128.11.0-1.el10_0
  • H
Out-of-bounds Write

<0:128.11.0-1.el10_0
  • H
Out-of-bounds Write

<0:128.11.0-1.el10_0
  • M
Out-of-Bounds

<0:128.11.0-1.el10_0
  • M
Inclusion of Functionality from Untrusted Control Sphere

<0:128.11.0-1.el10_0
  • L
Improper Restriction of Rendered UI Layers or Frames

<0:128.11.0-1.el10_0
  • M
Out-of-Bounds

<0:128.11.0-1.el10_0
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Heap-based Buffer Overflow

*
  • L
Race Condition

*
  • M
CVE-2025-48068

*
  • M
Improper Validation of Unsafe Equivalence in Input

*
  • L
Authentication Bypass

<0:128.10.1-1.el10_0
  • H
Information Exposure

<0:128.10.1-1.el10_0
  • H
Authentication Bypass

<0:128.10.1-1.el10_0
  • H
Authentication Bypass

<0:128.10.1-1.el10_0
  • L
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

*
  • L
Information Exposure

*
  • L
Product UI does not Warn User of Unsafe Actions

*
  • M
Double Free

*
  • M
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Validation of Integrity Check Value

*
  • H
Buffer Overflow

*
  • M
Incomplete Filtering of Special Elements

*
  • M
Buffer Overflow

<0:128.10.0-1.el10_0
  • M
Out-of-bounds Read

<0:128.10.0-1.el10_0
  • H
Buffer Overflow

<0:128.10.0-1.el10_0
  • H
Arbitrary Code Injection

<0:128.10.0-1.el10_0
  • H
Insufficient Compartmentalization

<0:128.10.0-1.el10_0
  • L
User Interface (UI) Misrepresentation of Critical Information

<0:128.10.0-1.el10_0
  • M
Origin Validation Error

<0:128.9.0-2.el10_0
  • H
Buffer Overflow

<0:128.9.0-2.el10_0
  • H
Use After Free

<0:128.9.0-2.el10_0
  • H
Insufficient Granularity of Access Control

<0:128.10.0-1.el10_0
  • H
Information Exposure

<0:128.10.0-1.el10_0
  • H
Execution with Unnecessary Privileges

<0:38.3.0-1.el5_11
  • C
Out-of-bounds Write

<0:24.3.0-2.el5_10
  • M
Resource Management Errors

<0:2.0.0.24-8.el5
  • C
Access Restriction Bypass

<0:2.0.0.16-1.el5
  • H
Use After Free

<0:45.5.1-1.el5_11
  • C
CVE-2013-0783

<0:17.0.3-1.el5_9
  • H
Use After Free

<0:31.6.0-1.el5_11
  • M
Improperly Implemented Security Check for Standard

<0:31.6.0-1.el5_11
  • C
Use After Free

<0:24.4.0-1.el5_10
  • C
Resource Management Errors

<0:2.0.0.21-1.el5
  • C
Resource Management Errors

<0:10.0.6-1.el5_8
  • C
Code

<0:38.4.0-1.el5_11
  • L
CVE-2007-2871

<0:1.5.0.12-1.el5
  • L
Improper Input Validation

<0:1.5.0.12-1.el5
  • L
Out-of-Bounds

<0:1.5.0.12-1.el5
  • M
CVE-2007-1558

<0:1.5.0.12-1.el5
  • L
CVE-2007-2869

<0:1.5.0.12-1.el5
  • M
Cross-site Request Forgery (CSRF)

<0:1.5.0.12-7.el5
  • C
CVE-2007-5959

<0:1.5.0.12-7.el5
  • M
Cross-site Scripting (XSS)

<0:1.5.0.12-7.el5
  • C
Resource Management Errors

<0:1.5.0.12-8.el5
  • C
Out-of-Bounds

<0:1.5.0.12-8.el5
  • C
Resource Management Errors

<0:1.5.0.12-8.el5
  • M
CVE-2008-0591

<0:1.5.0.12-8.el5
  • C
Cross-site Scripting (XSS)

<0:1.5.0.12-8.el5
  • M
Directory Traversal

<0:1.5.0.12-8.el5
  • L
CVE-2008-0592

<0:1.5.0.12-8.el5
  • M
Information Exposure

<0:1.5.0.12-8.el5
  • L
Information Exposure

<0:1.5.0.12-8.el5
  • C
Resource Management Errors

<0:1.5.0.12-8.el5
  • C
Arbitrary Code Injection

<0:1.5.0.12-11.el5_1
  • M
Cross-site Scripting (XSS)

<0:1.5.0.12-11.el5_1
  • C
CVE-2008-1235

<0:1.5.0.12-11.el5_1
  • C
Resource Management Errors

<0:1.5.0.12-12.el5_1
  • C
Resource Management Errors

<0:1.5.0.12-11.el5_1
  • M
Link Following

<0:1.5.0.12-11.el5_1
  • C
Resource Management Errors

<0:1.5.0.12-11.el5_1
  • C
Numeric Errors

<0:2.0.0.16-1.el5
  • M
Improper Authentication

<0:1.5.0.12-11.el5_1
  • C
Access Restriction Bypass

<0:2.0.0.16-1.el5
  • M
Access Restriction Bypass

<0:2.0.0.16-1.el5
  • M
Memory Leak

<0:2.0.0.16-1.el5
  • M
Cross-site Scripting (XSS)

<0:2.0.0.16-1.el5
  • C
Resource Management Errors

<0:2.0.0.16-1.el5
  • C
Resource Management Errors

<0:2.0.0.16-1.el5
  • M
Cross-site Scripting (XSS)

<0:2.0.0.16-1.el5
  • C
Improper Authentication

<0:2.0.0.16-1.el5
  • M
Improper Input Validation

<0:2.0.0.16-1.el5
  • M
Improper Input Validation

<0:2.0.0.16-1.el5
  • C
Resource Management Errors

<0:2.0.0.16-1.el5
  • C
Stack-based Buffer Overflow

<0:2.0.0.17-1.el5
  • M
Access Restriction Bypass

<0:2.0.0.17-1.el5
  • C
Numeric Errors

<0:2.0.0.17-1.el5
  • M
Out-of-Bounds

<0:2.0.0.17-1.el5
  • C
Access Restriction Bypass

<0:2.0.0.17-1.el5
  • C
Resource Management Errors

<0:2.0.0.17-1.el5
  • C
Access Restriction Bypass

<0:2.0.0.17-1.el5
  • M
Cross-site Scripting (XSS)

<0:2.0.0.17-1.el5
  • M
Directory Traversal

<0:2.0.0.17-1.el5
  • C
Access Restriction Bypass

<0:2.0.0.17-1.el5
  • M
Directory Traversal

<0:2.0.0.17-1.el5
  • M
Cross-site Scripting (XSS)

<0:2.0.0.17-1.el5
  • L
XML Injection

<0:2.0.0.18-1.el5
  • C
Improper Input Validation

<0:2.0.0.18-1.el5
  • C
Race Condition

<0:2.0.0.18-1.el5
  • C
Resource Management Errors

<0:2.0.0.18-1.el5
  • M
Improper Authentication

<0:2.0.0.18-1.el5
  • C
Resource Management Errors

<0:2.0.0.18-1.el5
  • C
Numeric Errors

<0:2.0.0.18-1.el5
  • M
Access Restriction Bypass

<0:2.0.0.19-1.el5_2
  • C
Resource Management Errors

<0:2.0.0.19-1.el5_2
  • M
Information Exposure

<0:2.0.0.18-1.el5
  • C
Access Restriction Bypass

<0:2.0.0.19-1.el5_2
  • L
Improper Input Validation

<0:2.0.0.19-1.el5_2
  • C
CVE-2008-5501

<0:2.0.0.19-1.el5_2
  • M
Information Exposure

<0:2.0.0.19-1.el5_2
  • M
CVE-2008-5503

<0:2.0.0.19-1.el5_2
  • C
Cross-site Scripting (XSS)

<0:2.0.0.19-1.el5_2
  • C
Resource Management Errors

<0:2.0.0.19-1.el5_2
  • C
Resource Management Errors

<0:2.0.0.21-1.el5
  • C
Cross-site Scripting (XSS)

<0:2.0.0.19-1.el5_2
  • C
Resource Management Errors

<0:2.0.0.21-1.el5
  • C
Resource Management Errors

<0:2.0.0.21-1.el5
  • M
Access Restriction Bypass

<0:2.0.0.21-1.el5
  • M
Information Exposure

<0:2.0.0.21-1.el5
  • C
Resource Management Errors

<0:2.0.0.21-1.el5
  • M
Configuration

<0:2.0.0.22-2.el5_3
  • M
Configuration

<0:2.0.0.22-2.el5_3
  • C
Configuration

<0:2.0.0.22-2.el5_3
  • M
Improper Authentication

<0:2.0.0.22-2.el5_3
  • H
Improper Input Validation

<0:2.0.0.22-2.el5_3
  • L
Cross-site Scripting (XSS)

<0:2.0.0.22-2.el5_3
  • C
Resource Management Errors

<0:2.0.0.22-2.el5_3
  • C
Arbitrary Code Injection

<0:2.0.0.22-2.el5_3
  • C
Arbitrary Code Injection

<0:2.0.0.22-2.el5_3
  • C
Arbitrary Code Injection

<0:2.0.0.22-2.el5_3
  • C
Out-of-bounds Write

<0:2.0.0.24-2.el5_4
  • C
Numeric Errors

<0:2.0.0.24-2.el5_4
  • H
CVE-2009-2210

<0:2.0.0.22-2.el5_3
  • C
Resource Management Errors

<0:2.0.0.24-2.el5_4
  • L
Improper Input Validation

<0:2.0.0.24-2.el5_4
  • C
CVE-2009-3072

<0:2.0.0.24-2.el5_4
  • C
Arbitrary Code Injection

<0:2.0.0.24-2.el5_4
  • M
CVE-2009-3274

<0:2.0.0.24-2.el5_4
  • C
CVE-2009-3075

<0:2.0.0.24-2.el5_4
  • M
CVE-2009-3076

<0:2.0.0.24-2.el5_4
  • C
CVE-2009-3380

<0:2.0.0.24-2.el5_4
  • L
Configuration

<0:2.0.0.24-2.el5_4
  • C
Integer Overflow or Wraparound

<0:2.0.0.24-2.el5_4
  • C
Out-of-Bounds

<0:2.0.0.24-2.el5_4
  • C
CVE-2009-3979

<0:2.0.0.24-2.el5_4
  • C
Arbitrary Code Injection

<0:2.0.0.24-2.el5_4
  • C
CVE-2010-0159

<0:2.0.0.24-2.el5_4
  • L
CVE-2010-0169

<0:2.0.0.24-2.el5_4
  • H
Cross-site Scripting (XSS)

<0:2.0.0.24-2.el5_4
  • H
CVE-2010-0163

<0:2.0.0.24-2.el5_4
  • M
Cross-site Scripting (XSS)

<0:2.0.0.24-6.el5
  • M
Information Exposure

<0:2.0.0.24-6.el5
  • M
Cross-site Scripting (XSS)

<0:2.0.0.24-8.el5
  • C
CVE-2010-3176

<0:2.0.0.24-9.el5
  • C
Out-of-Bounds

<0:2.0.0.24-10.el5_5
  • M
CVE-2010-3182

<0:2.0.0.24-9.el5
  • C
Use After Free

<0:2.0.0.24-9.el5
  • C
Out-of-Bounds

<0:2.0.0.24-13.el5_5
  • C
Numeric Errors

<0:2.0.0.24-13.el5_5
  • C
Integer Overflow or Wraparound

<0:2.0.0.24-13.el5_5
  • C
CVE-2011-0053

<0:2.0.0.24-14.el5_6
  • C
Improper Input Validation

<0:2.0.0.24-14.el5_6
  • C
Integer Overflow or Wraparound

<0:2.0.0.24-17.el5_6
  • M
CVE-2011-0075

<0:2.0.0.24-17.el5_6
  • C
Improper Input Validation

<0:2.0.0.24-17.el5_6
  • C
CVE-2011-0080

<0:2.0.0.24-17.el5_6
  • M
CVE-2011-0078

<0:2.0.0.24-17.el5_6
  • C
CVE-2011-0074

<0:2.0.0.24-17.el5_6
  • C
Resource Management Errors

<0:2.0.0.24-18.el5_6
  • C
Resource Management Errors

<0:2.0.0.24-18.el5_6
  • C
Use After Free

<0:2.0.0.24-18.el5_6
  • C
CVE-2011-2376

<0:2.0.0.24-18.el5_6
  • C
CVE-2011-2374

<0:2.0.0.24-18.el5_6
  • C
CVE-2011-2364

<0:2.0.0.24-18.el5_6
  • C
CVE-2011-2365

<0:2.0.0.24-18.el5_6
  • C
Out-of-Bounds

<0:2.0.0.24-18.el5_6
  • C
Resource Management Errors

<0:2.0.0.24-18.el5_6
  • M
Access Restriction Bypass

<0:2.0.0.24-18.el5_6
  • C
CVE-2011-2982

<0:2.0.0.24-21.el5
  • C
CVE-2011-2375

<0:2.0.0.24-18.el5_6
  • C
Integer Overflow or Wraparound

<0:2.0.0.24-18.el5_6
  • C
Integer Overflow or Wraparound

<0:2.0.0.24-26.el5_7
  • C
Arbitrary Code Injection

<0:2.0.0.24-18.el5_6
  • C
Information Exposure

<0:2.0.0.24-21.el5
  • C
Cross-site Scripting (XSS)

<0:2.0.0.24-26.el5_7
  • C
Resource Management Errors

<0:2.0.0.18-1.el5
  • C
Arbitrary Code Injection

<0:1.5.0.12-1.el5
  • M
CVE-2010-3169

<0:2.0.0.24-8.el5
  • M
Out-of-Bounds

<0:2.0.0.24-8.el5
  • M
Resource Management Errors

<0:2.0.0.24-8.el5
  • C
Integer Overflow or Wraparound

<0:2.0.0.24-8.el5
  • M
CVE-2010-1200

<0:2.0.0.24-6.el5
  • M
Integer Overflow or Wraparound

<0:2.0.0.24-6.el5
  • M
Numeric Errors

<0:2.0.0.24-6.el5
  • M
Out-of-Bounds

<0:2.0.0.24-8.el5
  • M
CVE-2010-0174

<0:2.0.0.24-6.el5
  • M
Integer Overflow or Wraparound

<0:2.0.0.24-6.el5
  • M
CVE-2010-1211

<0:2.0.0.24-6.el5
  • M
Resource Management Errors

<0:2.0.0.24-6.el5
  • M
Resource Management Errors

<0:2.0.0.24-6.el5
  • M
Resource Management Errors

<0:2.0.0.24-6.el5
  • M
Use After Free

<0:2.0.0.24-6.el5
  • C
Buffer Overflow

<0:2.0.0.24-6.el5
  • M
Information Exposure

<0:45.8.0-1.el5_11
  • M
Information Exposure

<0:45.8.0-1.el5_11
  • L
DEPRECATED: Use of Uninitialized Resource

<0:45.8.0-1.el5_11
  • M
Improper Input Validation

<0:45.7.0-1.el5_11
  • M
Security Features

<0:45.6.0-1.el5_11
  • C
CVE-2012-0442

<0:2.0.0.24-28.el5_7
  • L
Information Exposure

<0:2.0.0.24-28.el5_7
  • M
Cross-site Scripting (XSS)

<0:2.0.0.24-27.el5_7
  • H
Out-of-Bounds

<0:45.7.0-1.el5_11
  • H
Out-of-Bounds

<0:45.7.0-1.el5_11
  • H
Use After Free

<0:45.7.0-1.el5_11
  • M
Use After Free

<0:45.7.0-1.el5_11
  • H
Out-of-Bounds

<0:45.5.0-1.el5_11
  • M
Use After Free

<0:45.7.0-1.el5_11
  • C
Use After Free

<0:45.8.0-1.el5_11
  • M
Origin Validation Error

<0:45.6.0-1.el5_11
  • M
Information Exposure

<0:45.7.0-1.el5_11
  • M
CVE-2017-5390

<0:45.7.0-1.el5_11
  • C
Use After Free

<0:45.8.0-1.el5_11
  • M
Improper Access Control

<0:45.6.0-1.el5_11
  • M
Improper Input Validation

<0:45.6.0-1.el5_11
  • C
Out-of-Bounds

<0:45.8.0-1.el5_11
  • M
Out-of-Bounds

<0:45.8.0-1.el5_11
  • M
Security Features

<0:45.6.0-1.el5_11
  • H
Out-of-Bounds

<0:45.6.0-1.el5_11
  • C
Error Handling

<0:45.8.0-1.el5_11
  • C
Out-of-Bounds

<0:45.8.0-1.el5_11
  • C
CVE-2011-3101

<0:10.0.5-2.el5_8
  • C
CVE-2012-1938

<0:10.0.5-2.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.8-1.el5_8
  • M
Out-of-bounds Read

<0:24.2.0-2.el5_10
  • H
Arbitrary Code Injection

<0:24.2.0-2.el5_10
  • M
Cross-site Scripting (XSS)

<0:24.2.0-2.el5_10
  • H
Use After Free

<0:24.2.0-2.el5_10
  • H
Use After Free

<0:24.2.0-2.el5_10
  • M
CVE-2014-1481

<0:24.3.0-2.el5_10
  • H
Use After Free

<0:24.2.0-2.el5_10
  • H
CVE-2013-5609

<0:24.2.0-2.el5_10
  • L
Improper Restriction of Rendered UI Layers or Frames

<0:24.2.0-2.el5_10
  • C
Use After Free

<0:24.3.0-2.el5_10
  • M
Information Exposure

<0:24.3.0-2.el5_10
  • M
Cross-site Scripting (XSS)

<0:24.2.0-2.el5_10
  • M
CVE-2014-1479

<0:24.3.0-2.el5_10
  • C
Out-of-Bounds

<0:24.4.0-1.el5_10
  • M
Out-of-bounds Read

<0:24.4.0-1.el5_10
  • C
Out-of-bounds Write

<0:24.4.0-1.el5_10
  • C
CVE-2014-1477

<0:24.3.0-2.el5_10
  • C
Out-of-bounds Read

<0:24.4.0-1.el5_10
  • M
Buffer Overflow

<0:24.4.0-1.el5_10
  • M
Information Exposure

<0:24.4.0-1.el5_10
  • M
Out-of-bounds Read

<0:24.4.0-1.el5_10
  • C
Improper Privilege Management

<0:24.4.0-1.el5_10
  • C
Use After Free

<0:24.5.0-1.el5_10
  • C
Improper Privilege Management

<0:24.4.0-1.el5_10
  • C
Improper Privilege Management

<0:24.5.0-1.el5_10
  • C
Use After Free

<0:24.5.0-1.el5_10
  • C
CVE-2014-1518

<0:24.5.0-1.el5_10
  • C
Buffer Overflow

<0:24.5.0-1.el5_10
  • M
Cross-site Scripting (XSS)

<0:24.5.0-1.el5_10
  • M
Out-of-bounds Read

<0:24.5.0-1.el5_10
  • H
Heap-based Buffer Overflow

<0:31.6.0-1.el5_11
  • M
Execution with Unnecessary Privileges

<0:31.6.0-1.el5_11
  • C
Out-of-Bounds

<0:10.0.4-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.4-1.el5_8
  • C
CVE-2012-1937

<0:10.0.5-2.el5_8
  • M
CVE-2012-0479

<0:10.0.4-1.el5_8
  • C
CVE-2012-0467

<0:10.0.4-1.el5_8
  • C
Use After Free

<0:10.0.5-2.el5_8
  • C
Use After Free

<0:10.0.4-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.4-1.el5_8
  • C
Access Restriction Bypass

<0:10.0.4-1.el5_8
  • C
CVE-2012-1948

<0:10.0.6-1.el5_8
  • C
Out-of-Bounds

<0:10.0.4-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.5-2.el5_8
  • C
Out-of-Bounds

<0:10.0.5-2.el5_8
  • C
Out-of-Bounds

<0:10.0.5-2.el5_8
  • M
Improper Input Validation

<0:10.0.6-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.4-1.el5_8
  • C
Out-of-Bounds

<0:10.0.4-1.el5_8
  • C
Out-of-Bounds

<0:10.0.6-1.el5_8
  • M
Use After Free

<0:10.0.6-1.el5_8
  • C
Out-of-Bounds

<0:10.0.5-2.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.6-1.el5_8
  • C
Out-of-Bounds

<0:10.0.5-2.el5_8
  • C
Resource Management Errors

<0:10.0.6-1.el5_8
  • M
Numeric Errors

<0:10.0.4-1.el5_8
  • C
Access Restriction Bypass

<0:10.0.6-1.el5_8
  • M
Improper Privilege Management

<0:10.0.8-1.el5_8
  • M
CVE-2012-1955

<0:10.0.6-1.el5_8
  • M
Information Exposure

<0:10.0.5-2.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Resource Management Errors

<0:10.0.6-1.el5_8
  • C
Resource Management Errors

<0:10.0.6-1.el5_8
  • C
Out-of-Bounds

<0:10.0.5-2.el5_8
  • C
Out-of-Bounds

<0:10.0.7-1.el5_8
  • M
CVE-2012-1964

<0:10.0.6-1.el5_8
  • M
Access Restriction Bypass

<0:10.0.6-1.el5_8
  • C
CVE-2013-0801

<0:17.0.6-1.el5_9
  • H
Arbitrary Code Injection

<0:10.0.7-1.el5_8
  • M
Access Restriction Bypass

<0:10.0.7-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
CVE-2013-0788

<0:17.0.5-1.el5_9
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Out-of-Bounds

<0:17.0.6-1.el5_9
  • C
CVE-2012-1967

<0:10.0.6-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:17.0.5-1.el5_9
  • C
Use After Free

<0:17.0.3-2.el5_9
  • C
Use After Free

<0:17.0.6-1.el5_9
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Resource Management Errors

<0:17.0.6-1.el5_9
  • C
Resource Management Errors

<0:17.0.6-1.el5_9
  • C
Resource Management Errors

<0:17.0.7-1.el5_9
  • C
Out-of-Bounds

<0:17.0.6-1.el5_9
  • M
Cross-site Request Forgery (CSRF)

<0:17.0.7-1.el5_9
  • C
Access Restriction Bypass

<0:17.0.5-1.el5_9
  • M
Cross-site Scripting (XSS)

<0:17.0.6-1.el5_9
  • C
CVE-2013-1682

<0:17.0.7-1.el5_9
  • C
Out-of-Bounds

<0:17.0.6-1.el5_9
  • C
Resource Management Errors

<0:17.0.7-1.el5_9
  • C
Resource Management Errors

<0:17.0.6-1.el5_9
  • M
Access Restriction Bypass

<0:17.0.8-5.el5_9
  • C
CVE-2013-1701

<0:17.0.8-5.el5_9
  • M
Improper Input Validation

<0:17.0.7-1.el5_9
  • C
Resource Management Errors

<0:17.0.7-1.el5_9
  • M
Access Restriction Bypass

<0:17.0.7-1.el5_9
  • C
Cross-site Scripting (XSS)

<0:17.0.8-5.el5_9
  • M
Access Restriction Bypass

<0:17.0.7-1.el5_9
  • M
Cross-site Scripting (XSS)

<0:17.0.8-5.el5_9
  • M
Access Restriction Bypass

<0:17.0.8-5.el5_9
  • C
Access Restriction Bypass

<0:17.0.7-1.el5_9
  • C
Improper Input Validation

<0:17.0.9-1.el5_9
  • C
Out-of-Bounds

<0:17.0.9-1.el5_9
  • C
Use After Free

<0:17.0.9-1.el5_9
  • C
Out-of-Bounds

<0:17.0.9-1.el5_9
  • C
CVE-2013-5590

<0:17.0.10-1.el5_10
  • M
Out-of-Bounds

<0:17.0.10-1.el5_10
  • H
Out-of-Bounds

<0:17.0.9-1.el5_9
  • M
Access Restriction Bypass

<0:17.0.8-5.el5_9
  • C
Use After Free

<0:17.0.10-1.el5_10
  • H
Out-of-Bounds

<0:17.0.9-1.el5_9
  • M
Out-of-Bounds

<0:17.0.10-1.el5_10
  • C
Out-of-Bounds

<0:17.0.9-1.el5_9
  • C
Use After Free

<0:17.0.10-1.el5_10
  • C
Use After Free

<0:24.6.0-1.el5_10
  • C
Out-of-Bounds

<0:24.6.0-1.el5_10
  • M
Access Restriction Bypass

<0:17.0.9-1.el5_9
  • C
CVE-2014-1533

<0:24.6.0-1.el5_10
  • C
Use After Free

<0:17.0.10-1.el5_10
  • C
Use After Free

<0:17.0.10-1.el5_10
  • C
Use After Free

<0:24.8.0-1.el5_10
  • C
Out-of-Bounds

<0:17.0.10-1.el5_10
  • C
CVE-2014-1547

<0:24.7.0-1.el5_10
  • C
Arbitrary Code Injection

<0:24.7.0-1.el5_10
  • M
Operation on a Resource after Expiration or Release

<0:24.7.0-1.el5_10
  • C
Out-of-Bounds

<0:24.8.0-1.el5_10
  • H
Use After Free

<0:31.5.0-1.el5_11
  • M
Use After Free

<0:24.7.0-1.el5_10
  • C
Heap-based Buffer Overflow

<0:31.4.0-1.el5_11
  • M
Out-of-Bounds

<0:31.5.0-1.el5_11
  • M
Cross-site Request Forgery (CSRF)

<0:31.4.0-1.el5_11
  • H
CVE-2015-0836

<0:31.5.0-1.el5_11
  • C
Code

<0:31.8.0-1.el5_11
  • M
Cross-site Request Forgery (CSRF)

<0:31.6.0-1.el5_11
  • M
Information Exposure

<0:31.5.0-1.el5_11
  • M
Arbitrary Argument Injection

<0:31.4.0-1.el5_11
  • H
CVE-2015-2708

<0:31.7.0-1.el5_11
  • H
Out-of-Bounds

<0:31.8.0-1.el5_11
  • C
Use After Free

<0:31.8.0-1.el5_11
  • H
Out-of-Bounds

<0:31.8.0-1.el5_11
  • H
Use After Free

<0:31.7.0-1.el5_11
  • C
Code

<0:31.8.0-1.el5_11
  • H
Out-of-Bounds

<0:31.7.0-1.el5_11
  • H
Out-of-Bounds

<0:31.7.0-1.el5_11
  • C
Code

<0:31.8.0-1.el5_11
  • C
Code

<0:31.8.0-1.el5_11
  • M
Cryptographic Issues

<0:31.8.0-1.el5_11
  • C
Code

<0:31.8.0-1.el5_11
  • C
Out-of-Bounds

<0:31.8.0-1.el5_11
  • C
Out-of-Bounds

<0:38.6.0-1.el5_11
  • H
Out-of-bounds Read

<0:38.6.0-1.el5_11
  • M
Out-of-Bounds

<0:38.7.0-1.el5_11
  • C
Heap-based Buffer Overflow

<0:38.6.0-1.el5_11
  • C
Out-of-Bounds

<0:38.6.0-1.el5_11
  • C
Out-of-Bounds

<0:31.8.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
NULL Pointer Dereference

<0:38.6.0-1.el5_11
  • M
Access Restriction Bypass

<0:38.7.0-1.el5_11
  • H
CVE-2016-1961

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
CVE-2016-1966

<0:38.7.0-1.el5_11
  • H
CVE-2016-1964

<0:38.7.0-1.el5_11
  • H
Improper Data Handling

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
CVE-2016-1960

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.8.0-1.el5_11
  • H
Improper Data Handling

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.8.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • M
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:45.2-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:45.3.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:38.7.0-1.el5_11
  • H
Out-of-Bounds

<0:45.4.0-1.el5_11
  • M
Cross-site Scripting (XSS)

<0:10.0.3-1.el5_8
  • C
Information Exposure

<0:10.0.3-1.el5_8
  • C
Resource Management Errors

<0:10.0.3-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
CVE-2012-0462

<0:10.0.3-1.el5_8
  • C
CVE-2012-0461

<0:10.0.3-1.el5_8
  • C
Out-of-Bounds

<0:10.0.4-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Resource Management Errors

<0:10.0.3-1.el5_8
  • C
Access Restriction Bypass

<0:10.0.3-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Access Restriction Bypass

<0:10.0.3-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Out-of-Bounds

<0:10.0.7-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • M
Access Restriction Bypass

<0:10.0.3-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • M
Improper Input Validation

<0:10.0.8-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.3-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Use After Free

<0:10.0.7-1.el5_8
  • C
Access Restriction Bypass

<0:10.0.8-1.el5_8
  • C
CVE-2012-3982

<0:10.0.8-1.el5_8
  • M
Out-of-bounds Read

<0:10.0.7-1.el5_8
  • C
Use After Free

<0:10.0.8-1.el5_8
  • C
Use After Free

<0:10.0.8-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.8-1.el5_8
  • C
Out-of-bounds Read

<0:10.0.8-1.el5_8
  • C
Out-of-bounds Read

<0:10.0.8-1.el5_8
  • C
Out-of-bounds Read

<0:10.0.8-1.el5_8
  • C
Out-of-bounds Read

<0:10.0.8-1.el5_8
  • C
Out-of-Bounds

<0:10.0.8-1.el5_8
  • C
Arbitrary Code Injection

<0:10.0.10-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.11-1.el5_8
  • C
Out-of-Bounds

<0:10.0.8-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.8-1.el5_8
  • C
Out-of-bounds Read

<0:10.0.8-1.el5_8
  • C
Out-of-Bounds

<0:10.0.8-1.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.10-1.el5_8
  • C
Cross-site Scripting (XSS)

<0:10.0.10-1.el5_8
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • C
Out-of-bounds Read

<0:10.0.8-1.el5_8
  • C
Out-of-bounds Write

<0:10.0.11-1.el5_8
  • C
Origin Validation Error

<0:10.0.8-2.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.11-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.11-1.el5_8
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.8-1.el5_8
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • C
Use After Free

<0:10.0.12-3.el5_9
  • C
Out-of-Bounds

<0:10.0.8-1.el5_8
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • M
Cross-site Scripting (XSS)

<0:10.0.11-1.el5_8
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • C
Use After Free

<0:10.0.12-3.el5_9
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • C
Arbitrary Code Injection

<0:10.0.12-3.el5_9
  • C
Use After Free

<0:10.0.12-3.el5_9
  • C
Integer Overflow or Wraparound

<0:10.0.12-3.el5_9
  • C
Out-of-Bounds

<0:10.0.12-3.el5_9
  • C
Out-of-bounds Read

<0:17.0.3-1.el5_9
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • C
Out-of-Bounds

<0:10.0.11-1.el5_8
  • M
Information Exposure

<0:10.0.12-3.el5_9
  • C
CVE-2013-0746

<0:10.0.12-3.el5_9
  • C
CVE-2013-0796

<0:17.0.5-1.el5_9
  • C
CVE-2013-0769

<0:10.0.12-3.el5_9
  • C
Out-of-Bounds

<0:10.0.12-3.el5_9
  • C
Use After Free

<0:17.0.3-1.el5_9
  • M
Improper Authentication

<0:10.0.12-3.el5_9
  • C
CVE-2012-5842

<0:10.0.11-1.el5_8
  • H
Out-of-bounds Write

<0:17.0.5-1.el5_9
  • C
Out-of-Bounds

<0:10.0.12-3.el5_9
  • M
Improper Certificate Validation

<0:17.0.3-1.el5_9
  • C
Out-of-Bounds

<0:17.0.7-1.el5_9
  • C
Out-of-bounds Read

<0:17.0.3-1.el5_9
  • H
Use After Free

<0:45.6.0-1.el5_11
  • C
Missing Initialization of a Variable

<0:17.0.6-1.el5_9
  • H
Out-of-Bounds

<0:38.2.0-4.el5_11
  • M
CVE-2015-4488

<0:38.2.0-4.el5_11
  • H
Use After Free

<0:38.3.0-1.el5_11
  • M
Out-of-Bounds

<0:38.2.0-4.el5_11
  • H
Execution with Unnecessary Privileges

<0:38.3.0-1.el5_11
  • H
Buffer Access with Incorrect Length Value

<0:38.3.0-1.el5_11
  • H
Improper Access Control

<0:38.3.0-1.el5_11
  • M
Out-of-Bounds

<0:38.2.0-4.el5_11
  • H
Execution with Unnecessary Privileges

<0:38.3.0-1.el5_11
  • M
Information Exposure

<0:38.3.0-1.el5_11
  • H
Heap-based Buffer Overflow

<0:38.2.0-4.el5_11
  • H
Execution with Unnecessary Privileges

<0:38.3.0-1.el5_11
  • H
Numeric Errors

<0:38.5.0-1.el5_11
  • H
Execution with Unnecessary Privileges

<0:38.3.0-1.el5_11
  • H
Execution with Unnecessary Privileges

<0:38.3.0-1.el5_11
  • H
Execution with Unnecessary Privileges

<0:38.3.0-1.el5_11
  • H
Information Exposure

<0:38.5.0-1.el5_11
  • H
Execution with Unnecessary Privileges

<0:38.3.0-1.el5_11
  • M
Out-of-Bounds

<0:38.4.0-1.el5_11
  • H
Security Features

<0:38.4.0-1.el5_11
  • M
Access Restriction Bypass

<0:38.4.0-1.el5_11
  • C
Out-of-Bounds

<0:38.4.0-1.el5_11
  • H
Integer Overflow or Wraparound

<0:38.5.0-1.el5_11
  • H
Out-of-Bounds

<0:38.4.0-1.el5_11
  • C
Out-of-Bounds

<0:38.4.0-1.el5_11
  • C
Out-of-Bounds

<0:38.5.0-1.el5_11
  • M
Integer Overflow or Wraparound

<0:38.5.0-1.el5_11