Search CVE reports

Toggle filters

381 – 390 of 971 results

CVE-2023-5173

Medium priority

Some fixes available 1 of 14

In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process...

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
thunderbird Not affected Not affected Not in release Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
mozjs102 Ignored Ignored Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-5172

Medium priority

Some fixes available 1 of 14

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
thunderbird Not affected Not affected Not in release Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
mozjs102 Ignored Ignored Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-5171

Medium priority

Some fixes available 4 of 16

During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118,...

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
thunderbird Not affected Fixed Fixed Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
mozjs102 Ignored Ignored Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-5170

Medium priority

Some fixes available 1 of 14

In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data...

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
thunderbird Not affected Not affected Not in release Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
mozjs102 Ignored Ignored Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-5169

Medium priority

Some fixes available 4 of 16

A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox <...

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Ignored
thunderbird Not affected Fixed Fixed Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
mozjs102 Ignored Ignored Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-5174

Medium priority
Ignored

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on...

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not in release Ignored
thunderbird Not affected Not affected Not in release Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
mozjs102 Ignored Ignored Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-5168

Medium priority
Ignored

A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on...

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not in release Ignored
thunderbird Not affected Not affected Not in release Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
mozjs102 Ignored Ignored Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-4582

Negligible priority
Not affected

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating...

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not in release Ignored
thunderbird Not affected Not in release Ignored
mozjs38 Not in release Not in release Not affected
mozjs52 Not in release Not affected Not affected
mozjs68 Not in release Not affected Not in release
mozjs78 Not affected Not in release Not in release
mozjs91 Not affected Not in release Not in release
mozjs102 Not affected Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-4576

Negligible priority
Ignored

On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on...

8 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Ignored Not in release Ignored
thunderbird Ignored Not in release Ignored
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
mozjs68 Not in release Ignored Not in release
mozjs78 Ignored Not in release Not in release
mozjs91 Ignored Not in release Not in release
mozjs102 Ignored Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-4585

Medium priority

Some fixes available 6 of 18

Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

8 affected packages

mozjs91, firefox, thunderbird, mozjs38, mozjs52...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs91 Not in release Ignored Not in release Not in release
firefox Not affected Not affected Fixed Ignored
thunderbird Fixed Fixed Fixed Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs102 Ignored Ignored Not in release Not in release
Show all 8 packages Show less packages
  1. Previous page
  2. 37
  3. 38
  4. 39
  5. 40
  6. 41
  7. Next page
Export to JSON