Search CVE reports
991 – 1000 of 2976 results
Some fixes available 14 of 31
Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that `Vec::from_iter` has allocated capacity that same as the number of iterator elements....
6 affected packages
mozjs52, mozjs68, firefox, mozjs38, mozjs60, rust-crossbeam
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | Not in release |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| rust-crossbeam | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
Some fixes available 16 of 17
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
18 affected packages
chromium-browser, godot, graphicsmagick, musescore, openjdk-13...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not in release | Fixed |
| godot | Not affected | Not affected | Not affected | Not in release |
| graphicsmagick | Not affected | Not affected | Not affected | Not affected |
| musescore | Not in release | Not in release | Not affected | Not affected |
| openjdk-13 | Not in release | Not in release | Not affected | Not in release |
| texmaker | Not affected | Not affected | Not affected | Not affected |
| android | Not in release | Not in release | Not in release | Not in release |
| firefox | Not affected | Not affected | Not in release | Not affected |
| freetype | Fixed | Fixed | Fixed | Fixed |
| openjdk-lts | Not affected | Not affected | Not affected | Not affected |
| openjdk-15 | Not in release | Not in release | Not in release | Not in release |
| oxide-qt | Not in release | Not in release | Not in release | Not in release |
| paraview | Not affected | Not affected | Not affected | Not affected |
| qtbase-opensource-src | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Not affected | Not affected | Not in release | Not affected |
| openjdk-12 | Not in release | Not in release | Not in release | Not in release |
| qtbase-opensource-src-gles | Not affected | Not affected | Not affected | Not in release |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
Some fixes available 23 of 29
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
7 affected packages
mozjs52, chromium-browser, firefox, mozjs38, mozjs60...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| chromium-browser | Not affected | Not affected | Not in release | Fixed |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to...
2 affected packages
thunderbird, firefox-esr
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | — | Not affected | Fixed | Fixed |
| firefox-esr | — | Not in release | Not in release | Not in release |
When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released...
5 affected packages
mozjs52, mozjs68, firefox, mozjs38, mozjs60
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | Not in release |
| firefox | Not affected | Not affected | Not in release | Not affected |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that...
2 affected packages
firefox, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | Not in release | Not affected |
| thunderbird | — | — | Not in release | Not affected |
Some fixes available 13 of 19
When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not...
6 affected packages
thunderbird, firefox, mozjs38, mozjs60, mozjs52, mozjs68
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | Not affected | Not affected | Fixed | Fixed |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | Not in release |
Some fixes available 13 of 19
By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the...
6 affected packages
firefox, mozjs38, mozjs60, thunderbird, mozjs52, mozjs68
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Fixed | Fixed |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | Not in release |
Some fixes available 13 of 19
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability...
6 affected packages
firefox, mozjs38, thunderbird, mozjs52, mozjs60, mozjs68
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| thunderbird | Not affected | Not affected | Fixed | Fixed |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release |
Some fixes available 11 of 17
When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 81.
5 affected packages
firefox, mozjs38, mozjs52, mozjs60, mozjs68
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release |