Search CVE reports
9441 – 9450 of 60314 results
Some fixes available 3 of 13
In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13,...
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | — |
| thunderbird | Not affected | Fixed | Fixed | — |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | Not in release | — |
| mozjs91 | Not in release | Ignored | Not in release | — |
| mozjs102 | Ignored | Ignored | Not in release | — |
Some fixes available 3 of 13
A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | — |
| thunderbird | Not affected | Fixed | Fixed | — |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | Not in release | — |
| mozjs91 | Not in release | Ignored | Not in release | — |
| mozjs102 | Ignored | Ignored | Not in release | — |
Some fixes available 3 of 13
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
8 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | — |
| thunderbird | Not affected | Fixed | Fixed | — |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Ignored | Not in release | — |
| mozjs91 | Not in release | Ignored | Not in release | — |
| mozjs102 | Ignored | Ignored | Not in release | — |
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can attach a document to any item, even if the user has no...
1 affected package
glpi
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| glpi | Not in release | Not in release | Not in release | — |
A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager...
1 affected package
network-manager
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| network-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the...
1 affected package
rapidjson
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| rapidjson | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 6 of 8
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the...
1 affected package
rapidjson
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| rapidjson | Fixed | Fixed | Fixed | Fixed |
A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.
1 affected package
389-ds-base
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| 389-ds-base | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox < 128.
2 affected packages
firefox, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Not in release | — |
| thunderbird | Not affected | Not affected | Not in release | — |
Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox <...
2 affected packages
firefox, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Not in release | — |
| thunderbird | Not affected | Not affected | Not in release | — |