Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 26986 results

Status is adjusted based on your filters.


CVE-2024-11705

Medium priority
Vulnerable

`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11...

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11704

Medium priority
Vulnerable

A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption....

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11703

Medium priority
Vulnerable

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11702

Medium priority
Vulnerable

Copying sensitive information from Private Browsing tabs on Android, such as passwords, may have inadvertently stored data in the cloud-based clipboard history if enabled. This vulnerability affects Firefox < 133 and Thunderbird < 133.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11701

Medium priority
Vulnerable

The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133 and Thunderbird < 133.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11700

Medium priority
Vulnerable

Malicious websites may have been able to user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities....

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11699

Medium priority
Vulnerable

Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11698

Medium priority
Vulnerable

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode...

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11697

Medium priority
Vulnerable

When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox <...

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages

CVE-2024-11696

Medium priority
Vulnerable

The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime...

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 20.04 LTS
firefox Vulnerable
mozjs102 Not in release
mozjs115 Not in release
mozjs38 Not in release
mozjs52 Ignored
mozjs68 Ignored
mozjs78 Not in release
mozjs91 Not in release
thunderbird Vulnerable
Show all 9 packages Show less packages