Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

351 – 360 of 1943 results

CVE-2022-45421

Medium priority

Some fixes available 7 of 15

Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-45420

Medium priority

Some fixes available 7 of 15

Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR <...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-45419

Medium priority
Ignored

If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Not affected Not affected Not affected Ignored Ignored
Show all 7 packages Show less packages

CVE-2022-45418

Medium priority

Some fixes available 7 of 15

If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR <...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-45417

Medium priority
Ignored

Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Not affected Not affected Not affected Ignored Ignored
Show all 7 packages Show less packages

CVE-2022-45416

Medium priority

Some fixes available 7 of 15

Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-45415

Medium priority
Ignored

When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Not affected Not affected Not affected Ignored Ignored
Show all 7 packages Show less packages

CVE-2022-45413

Medium priority

Some fixes available 2 of 11

Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>*This issue only affects Firefox for Android. Other operating systems...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Fixed Fixed Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Not affected Not affected Not affected Ignored Ignored
Show all 7 packages Show less packages

CVE-2022-45412

Medium priority

Some fixes available 7 of 15

When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>*This bug only affects Thunderbird...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2022-45411

Medium priority

Some fixes available 7 of 15

Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected Ignored
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages
  1. Previous page
  2. 34
  3. 35
  4. 36
  5. 37
  6. 38
  7. Next page
Export to JSON