Search CVE reports
13641 – 13650 of 44107 results
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be...
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and...
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116,...
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14,...
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects...
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14,...
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 16.04 LTS |
|---|---|
| firefox | Ignored |
| thunderbird | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open.
1 affected package
poppler
| Package | 16.04 LTS |
|---|---|
| poppler | Not affected |
Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30.
1 affected package
check-mk
| Package | 16.04 LTS |
|---|---|
| check-mk | Needs evaluation |