Search CVE reports

Toggle filters

1191 – 1200 of 2389 results

CVE-2019-12383

Medium priority
Not affected

Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser's UI locale by measuring a button width, even if the user has a "Don't send my language" setting.

6 affected packages

firefox-esr, mozjs38, mozjs52, firefox, mozjs60, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox-esr Not in release
mozjs38 Not affected
mozjs52 Not affected
firefox Not affected
mozjs60 Not in release
thunderbird Not affected
Show less packages

CVE-2016-9969

Medium priority
Ignored

In libwebp 0.5.1, there is a double free bug in libwebpmux.

9 affected packages

godot, libwebp, mozjs60, qtimageformats-opensource-src, qtwebengine-opensource-src...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
godot Not affected Not affected Not affected Not in release
libwebp Not affected Not affected Not affected Not affected
mozjs60 Not in release Not in release Not in release Not in release
qtimageformats-opensource-src Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Not affected Not affected Not affected Not affected
mozjs52 Not in release Not in release Ignored Ignored
firefox Not affected Not affected Not in release Not affected
mozjs38 Not in release Not in release Not in release Ignored
thunderbird Not affected Not affected Not in release Not affected
Show all 9 packages Show less packages

CVE-2019-9820

Medium priority

Some fixes available 28 of 38

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

5 affected packages

mozjs52, mozjs60, firefox, mozjs38, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-9819

Medium priority

Some fixes available 28 of 38

A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

5 affected packages

mozjs52, mozjs38, firefox, mozjs60, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs38 Not in release Not in release Not in release Ignored
firefox Fixed Fixed Fixed Fixed
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-9817

Medium priority

Some fixes available 28 of 38

Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird <...

5 affected packages

mozjs52, firefox, mozjs38, mozjs60, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-9816

Medium priority

Some fixes available 28 of 38

A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-9800

Medium priority

Some fixes available 28 of 38

Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-11698

Medium priority

Some fixes available 28 of 38

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and...

5 affected packages

mozjs52, firefox, mozjs38, mozjs60, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-11693

Medium priority

Some fixes available 28 of 38

The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue...

5 affected packages

mozjs52, mozjs38, firefox, mozjs60, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs38 Not in release Not in release Not in release Ignored
firefox Fixed Fixed Fixed Fixed
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-11692

Medium priority

Some fixes available 28 of 38

A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 118
  3. 119
  4. 120
  5. 121
  6. 122
  7. Next page
Export to JSON