Search CVE reports


661 – 670 of 3130 results


CVE-2023-5172

Medium priority

Some fixes available 1 of 14

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored

CVE-2023-5171

Medium priority

Some fixes available 4 of 16

During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118,...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Ignored

CVE-2023-5170

Medium priority

Some fixes available 1 of 14

In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored

CVE-2023-5169

Medium priority

Some fixes available 4 of 16

A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox <...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Ignored

CVE-2023-5174

Medium priority
Ignored

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not in release Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored

CVE-2023-5168

Medium priority
Ignored

A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not in release Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored

CVE-2023-4863

Medium priority
Fixed

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

4 affected packages

chromium-browser, firefox, libwebp, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected Not in release Ignored
firefox Not affected Not affected Fixed Ignored
libwebp Fixed Fixed Fixed Fixed
thunderbird Fixed Fixed Fixed Ignored

CVE-2023-4582

Negligible priority
Not affected

Due to large allocation checks in ANGLE for GLSL shaders being too lenient, a buffer overflow could have occurred when allocating too much private shader memory on macOS. *This bug only affects Firefox on macOS. Other operating...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not in release Ignored
mozjs102 Not affected Not in release Not in release
mozjs38 Not in release Not in release Not affected
mozjs52 Not in release Not affected Not affected
mozjs68 Not in release Not affected Not in release
mozjs78 Not affected Not in release Not in release
mozjs91 Not affected Not in release Not in release
thunderbird Not affected Not in release Ignored

CVE-2023-4576

Negligible priority
Ignored

On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Ignored Not in release Ignored
mozjs102 Ignored Not in release Not in release
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
mozjs68 Not in release Ignored Not in release
mozjs78 Ignored Not in release Not in release
mozjs91 Ignored Not in release Not in release
thunderbird Ignored Not in release Ignored

CVE-2023-4585

Medium priority

Some fixes available 6 of 18

Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
mozjs102 Ignored Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Ignored