Search CVE reports
41 – 50 of 2335 results
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Vulnerable | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Vulnerable | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Vulnerable | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Vulnerable | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Vulnerable | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Vulnerable | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Vulnerable | — | — |
| mozjs38 | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Ignored | — | — |
| mozjs102 | Ignored | Ignored | — | — |
| mozjs115 | Ignored | Not in release | — | — |
Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (‎Modules/ThirdParty/Expat/src/expat modules).This issue affects ITK: before 2.7.1.
23 affected packages
smart, expat, apache2, apr-util, cmake...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| smart | Not in release | Not in release | — | Needs evaluation |
| expat | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vnc4 | Not in release | Not in release | — | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| gdcm | Not affected | Not affected | Not affected | Needs evaluation |
| ayttm | Not in release | Not in release | — | — |
| cableswig | Not in release | Not in release | — | — |
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| matanza | Ignored | Ignored | Ignored | Needs evaluation |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vtk | Not in release | Not in release | — | — |
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Not affected | — | — |
| libxmltok | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.
23 affected packages
expat, coin3, apache2, apr-util, cmake...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| expat | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vnc4 | Not in release | Not in release | — | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| gdcm | Not affected | Not affected | Not affected | Needs evaluation |
| ayttm | Not in release | Not in release | — | — |
| cableswig | Not in release | Not in release | — | — |
| matanza | Ignored | Ignored | Ignored | Needs evaluation |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vtk | Not in release | Not in release | — | — |
| smart | Not in release | Not in release | — | Needs evaluation |
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Not affected | — | — |
| libxmltok | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libexpat before 2.7.5 allows an infinite loop while parsing DTD content.
23 affected packages
expat, apache2, apr-util, cmake, ghostscript...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| expat | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vnc4 | Not in release | Not in release | — | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| gdcm | Not affected | Not affected | Not affected | Needs evaluation |
| ayttm | Not in release | Not in release | — | — |
| cableswig | Not in release | Not in release | — | — |
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| matanza | Ignored | Ignored | Ignored | Needs evaluation |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vtk | Not in release | Not in release | — | — |
| smart | Not in release | Not in release | — | Needs evaluation |
| firefox | Not affected | Not affected | — | — |
| thunderbird | Not affected | Not affected | — | — |
| libxmltok | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |