Search CVE reports

Toggle filters

781 – 790 of 2389 results

CVE-2022-31739

Medium priority
Ignored

When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.<br>*This bug only...

8 affected packages

mozjs38, mozjs52, mozjs68, mozjs78, mozjs91...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
firefox-esr
firefox Not affected Not affected Not in release Not affected
thunderbird Not affected Not affected Not in release Not affected
Show all 8 packages Show less packages

CVE-2022-3155

Medium priority
Not affected

When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was...

1 affected package

thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
thunderbird Not affected Not in release Not affected
Show less packages

CVE-2022-22753

Medium priority
Not affected

A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>*This bug only...

2 affected packages

firefox, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not in release Not affected
thunderbird Not affected Not in release Not affected
Show less packages

CVE-2022-22746

Medium priority
Ignored

A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*....

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not in release Not affected
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Not affected
Show less packages

CVE-2022-22744

Medium priority
Ignored

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug only affects Thunderbird...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not in release Not affected
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Not affected
Show less packages

CVE-2021-4127

Medium priority
Ignored

An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9.

2 affected packages

firefox, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not in release Not affected
thunderbird Not affected Not in release Ignored
Show less packages

CVE-2022-46879

Medium priority

Some fixes available 2 of 11

Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and...

7 affected packages

firefox, mozjs78, thunderbird, mozjs38, mozjs52...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Not in release Ignored
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
mozjs68 Not in release Ignored Not in release
mozjs91 Ignored Not in release Not in release
Show all 7 packages Show less packages

CVE-2022-46878

Medium priority

Some fixes available 9 of 17

Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with...

7 affected packages

firefox, mozjs78, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs78 Not in release Ignored Not in release Not in release
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
mozjs68 Not in release Ignored Not in release
mozjs91 Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show all 7 packages Show less packages

CVE-2022-46877

Medium priority

Some fixes available 9 of 17

By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108.

7 affected packages

mozjs68, mozjs78, mozjs91, firefox, mozjs38...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs68 Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Ignored Not in release Not in release
firefox Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
thunderbird Fixed Fixed Fixed Fixed
Show all 7 packages Show less packages

CVE-2022-46874

Medium priority

Some fixes available 9 of 17

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of...

7 affected packages

firefox, mozjs78, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs78 Not in release Ignored Not in release Not in release
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
mozjs68 Not in release Ignored Not in release
mozjs91 Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show all 7 packages Show less packages
  1. Previous page
  2. 77
  3. 78
  4. 79
  5. 80
  6. 81
  7. Next page
Export to JSON