Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

351 – 360 of 2652 results

CVE-2022-46874

Medium priority

Some fixes available 9 of 17

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Fixed Fixed Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-46873

Medium priority

Some fixes available 2 of 11

Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script....

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Fixed Fixed Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Not affected Not affected Not affected Ignored Ignored
Show all 7 packages Show less packages

CVE-2022-46872

Medium priority

Some fixes available 9 of 17

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Fixed Fixed Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-46871

Medium priority

Some fixes available 9 of 18

An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.

8 affected packages

firefox, libusrsctp, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Fixed Fixed Ignored
libusrsctp Not affected Not affected Vulnerable Not in release Not in release
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 8 packages Show less packages

CVE-2022-45421

Medium priority

Some fixes available 7 of 15

Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-45420

Medium priority

Some fixes available 7 of 15

Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR <...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-45419

Medium priority
Ignored

If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Not affected Not affected Not affected Ignored Ignored
Show all 7 packages Show less packages

CVE-2022-45418

Medium priority

Some fixes available 7 of 15

If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR <...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-45417

Medium priority
Ignored

Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Not affected Not affected Not affected Ignored Ignored
Show all 7 packages Show less packages

CVE-2022-45416

Medium priority

Some fixes available 7 of 15

Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages
  1. Previous page
  2. 34
  3. 35
  4. 36
  5. 37
  6. 38
  7. Next page
Export to JSON