Search CVE reports

Toggle filters

921 – 930 of 1057 results

CVE-2019-11751

Medium priority
Ignored

Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an...

4 affected packages

firefox, mozjs38, mozjs52, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not in release Not affected
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-11736

Medium priority
Ignored

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with...

4 affected packages

mozjs60, mozjs52, firefox, mozjs38

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs60 Not in release Not in release Not in release Not in release
mozjs52 Not in release Not in release Ignored Ignored
firefox Not affected Not affected Not in release Not affected
mozjs38 Not in release Not in release Not in release Ignored
Show less packages

CVE-2019-11754

Medium priority

Some fixes available 13 of 21

When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox < 69.0.1.

4 affected packages

firefox, mozjs38, mozjs52, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-9812

Medium priority

Some fixes available 13 of 21

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account....

4 affected packages

mozjs38, mozjs52, firefox, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
firefox Fixed Fixed Fixed Fixed
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-11752

Medium priority

Some fixes available 26 of 34

It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird <...

5 affected packages

mozjs52, firefox, mozjs38, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-11750

Medium priority

Some fixes available 13 of 21

A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

4 affected packages

firefox, mozjs38, mozjs52, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-11749

Medium priority

Some fixes available 13 of 21

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or...

4 affected packages

firefox, mozjs38, mozjs60, mozjs52

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs52 Not in release Not in release Ignored Ignored
Show less packages

CVE-2019-11748

Medium priority

Some fixes available 13 of 21

WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was...

4 affected packages

firefox, mozjs38, mozjs52, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-11747

Negligible priority

Some fixes available 13 of 21

The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from...

4 affected packages

mozjs52, mozjs60, firefox, mozjs38

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
Show less packages

CVE-2019-11746

Medium priority

Some fixes available 26 of 34

A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1,...

5 affected packages

mozjs52, firefox, mozjs38, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 91
  3. 92
  4. 93
  5. 94
  6. 95
  7. Next page
Export to JSON