CVE search results

1521 – 1530 of 2385 results

Detailed view

Sort by:

CVE-2016-2818

Medium priority

Fixed

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly...

2 affected packages

firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2016-2815

Medium priority

Fixed

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

2 affected packages

firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2016-0718

Medium priority

Some fixes available 33 of 206

Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

28 affected packages

ayttm, libparagui1.1, audacity, firefox, thunderbird...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ayttm	—	Not in release	Not in release	Not in release	Not in release
libparagui1.1	—	Not in release	Not in release	Not in release	Not in release
audacity	—	Not affected	Not affected	Not affected	Not affected
firefox	—	Not affected	Not affected	Not in release	Not affected
thunderbird	—	Not affected	Not affected	Not in release	Not affected
expat	—	Fixed	Fixed	Fixed	Fixed
vnc4	—	Not in release	Not in release	Not in release	Ignored
wxwidgets2.6	—	Not in release	Not in release	Not in release	Not in release
wxwidgets2.8	—	Not in release	Not in release	Not in release	Not in release
poco	—	Not affected	Not affected	Not affected	Not affected
sitecopy	—	Not in release	Not affected	Not affected	Not affected
tla	—	Not affected	Not affected	Not affected	Not affected
xotcl	—	Not affected	Not affected	Not affected	Not affected
kompozer	—	Not in release	Not in release	Not in release	Not in release
swish-e	—	Vulnerable	Vulnerable	Vulnerable	Vulnerable
wbxml2	—	Not affected	Not affected	Not affected	Not affected
gdcm	—	Not affected	Not affected	Not affected	Not affected
insighttoolkit	—	Not in release	Not in release	Not in release	Not in release
cableswig	—	Not in release	Not in release	Not in release	Not in release
simgear	—	Not affected	Not affected	Not affected	Not affected
matanza	—	Ignored	Ignored	Ignored	Ignored
smart	—	Not in release	Not in release	Not in release	Not affected
tdom	—	Not affected	Not affected	Not affected	Not affected
vtk	—	Not in release	Not in release	Not in release	Not in release
coin3	—	Vulnerable	Vulnerable	Vulnerable	Vulnerable
xmlrpc-c	—	Vulnerable	Vulnerable	Vulnerable	Vulnerable
cadaver	—	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libxmltok	—	Fixed	Fixed	Fixed	Fixed

CVE-2016-2805

Medium priority

Fixed

Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

3 affected packages

thunderbird, firefox, mozjs38

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
thunderbird	—	—	—	—	—
firefox	—	—	—	—	—
mozjs38	—	—	—	—	—

CVE-2016-2820

Medium priority

Fixed

The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by...

2 affected packages

thunderbird, firefox

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
thunderbird	—	—	—	—	—
firefox	—	—	—	—	—

CVE-2016-2817

Medium priority

Fixed

The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows...

2 affected packages

firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2016-2816

Medium priority

Fixed

Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.

2 affected packages

firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2016-2814

Medium priority

Fixed

Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to...

2 affected packages

firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2016-2812

Medium priority

Fixed

Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer...

2 affected packages

firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
thunderbird	—	—	—	—	—

CVE-2016-2811

Medium priority

Fixed

Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.

2 affected packages

firefox, thunderbird

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—	—
thunderbird	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports