Search CVE reports

Toggle filters

581 – 590 of 3130 results

CVE-2024-2606

Medium priority

Some fixes available 1 of 11

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox < 124.

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed
mozjs102 Ignored Ignored Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored Not in release
mozjs91 Not in release Ignored Not in release
thunderbird Not affected Not affected Not in release
Show all 8 packages Show less packages

CVE-2024-2605

Medium priority
Ignored

An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not in release
mozjs102 Ignored Ignored Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored Not in release
mozjs91 Not in release Ignored Not in release
thunderbird Not affected Not affected Not in release
Show all 8 packages Show less packages

CVE-2024-28757

Medium priority

Some fixes available 2 of 91

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

23 affected packages

apache2, apr-util, ayttm, cableswig, cadaver...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Needs evaluation
expat Not affected Not affected Fixed Ignored Ignored
firefox Not affected Not affected Not affected Not in release
gdcm Not affected Not affected Not affected Not affected Needs evaluation
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit4 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
libxmltok Not in release Ignored Ignored Ignored Ignored
matanza Ignored Ignored Ignored Ignored Ignored
smart Not in release Not in release Not in release Not in release Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not in release
vnc4 Not in release Not in release Not in release Not in release Needs evaluation
vtk Not in release Not in release Not in release Not in release
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages

CVE-2024-1557

Medium priority

Some fixes available 1 of 11

Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored
Show all 8 packages Show less packages

CVE-2024-1556

Medium priority

Some fixes available 1 of 11

The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored
Show all 8 packages Show less packages

CVE-2024-1555

Medium priority

Some fixes available 1 of 11

When opening a website using the `firefox://` protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox < 123.

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored
Show all 8 packages Show less packages

CVE-2024-1554

Medium priority

Some fixes available 1 of 11

The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers `fetch()` may contain. Under the correct circumstances, an attacker may have been able to poison the local...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored
Show all 8 packages Show less packages

CVE-2024-1553

Medium priority

Some fixes available 4 of 13

Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Ignored
Show all 8 packages Show less packages

CVE-2024-1552

Medium priority

Some fixes available 4 of 13

Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8,...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Ignored
Show all 8 packages Show less packages

CVE-2024-1551

Medium priority

Some fixes available 4 of 13

Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Ignored
Show all 8 packages Show less packages
  1. Previous page
  2. 57
  3. 58
  4. 59
  5. 60
  6. 61
  7. Next page
Export to JSON