Search CVE reports
2931 – 2940 of 3080 results
Some fixes available 8 of 9
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
5 affected packages
firefox, iceape, lightning-sunbird, midbrowser, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 11 of 12
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary...
6 affected packages
firefox, iceape, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 11 of 12
Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width...
6 affected packages
firefox, iceape, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 11 of 12
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service...
6 affected packages
firefox, iceape, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of...
3 affected packages
firefox, mozilla-thunderbird, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| mozilla-thunderbird | — | — | — | — | — |
| thunderbird | — | — | — | — | — |
Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the...
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is...
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
Mozilla Firefox might allow remote attackers to conduct spoofing and phishing attacks by writing to an about:blank tab and overlaying the location bar.
1 affected package
firefox
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
Some fixes available 8 of 9
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with...
5 affected packages
firefox, iceape, lightning-sunbird, midbrowser, xulrunner
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | — |
| iceape | — | — | — | — | — |
| lightning-sunbird | — | — | — | — | — |
| midbrowser | — | — | — | — | — |
| xulrunner | — | — | — | — | — |
Some fixes available 2 of 3
Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a...
1 affected package
firefox-sage
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox-sage | — | — | — | — | — |