Search CVE reports
181 – 190 of 1943 results
CVE-2023-5728
Medium prioritySome fixes available 6 of 18
During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |
CVE-2023-5727
Medium prioritySome fixes available 5 of 17
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | Ignored | Ignored |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |
CVE-2023-5726
Medium prioritySome fixes available 5 of 17
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | Ignored | Ignored |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |
CVE-2023-5725
Medium prioritySome fixes available 6 of 18
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |
CVE-2023-5724
Medium prioritySome fixes available 6 of 18
Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |
CVE-2023-5723
Medium prioritySome fixes available 1 of 14
An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119.
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2023-5722
Medium prioritySome fixes available 1 of 14
Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2023-5721
Medium prioritySome fixes available 6 of 18
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |
CVE-2023-5388
Medium prioritySome fixes available 7 of 20
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and...
9 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | — | — |
| mozjs102 | Ignored | Ignored | Not in release | — | — |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | — |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | — |
| mozjs68 | Not in release | Not in release | Ignored | — | — |
| mozjs78 | Not in release | Ignored | Not in release | — | — |
| mozjs91 | Not in release | Ignored | Not in release | — | — |
| nss | Not affected | Fixed | Fixed | Vulnerable | Vulnerable |
| thunderbird | Not affected | Fixed | Fixed | — | — |
CVE-2023-44488
Medium prioritySome fixes available 8 of 22
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
10 affected packages
chromium-browser, firefox, libvpx, mozjs102, mozjs38...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not affected | Ignored | Ignored |
| firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
| libvpx | Fixed | Fixed | Fixed | Fixed | Fixed |
| mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
| mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |