Search CVE reports
1341 – 1350 of 3038 results
Some fixes available 30 of 37
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This...
5 affected packages
firefox-esr, mozjs52, firefox, mozjs38, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-esr | Not in release | Not in release | Not in release | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
Some fixes available 15 of 22
Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62.
3 affected packages
mozjs52, firefox, mozjs38
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
Some fixes available 18 of 24
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
79 affected packages
firefox, intel-microcode, linux, linux-aws, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Not in release | Not affected |
| intel-microcode | Not affected | Not affected | Not affected | Fixed |
| linux | Not affected | Not affected | Not affected | Not affected |
| linux-aws | Not affected | Not affected | Not affected | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Not affected |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-flo | — | — | — | Not in release |
| linux-gcp | Not affected | Not affected | Not affected | Not affected |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not affected | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release |
Some fixes available 38 of 41
Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary...
4 affected packages
firefox, mozjs38, mozjs52, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Fixed | Fixed |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
Some fixes available 16 of 25
Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code....
3 affected packages
mozjs52, firefox, mozjs38
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
Some fixes available 16 of 25
Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61.
3 affected packages
mozjs38, mozjs52, firefox
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This...
1 affected package
firefox
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable...
1 affected package
firefox
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections....
1 affected package
firefox
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and Firefox < 61.
1 affected package
firefox
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |