Search CVE reports
2441 – 2450 of 38328 results
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading...
1 affected package
gimp
| Package | 18.04 LTS |
|---|---|
| gimp | Needs evaluation |
A flaw was found in GIMP. The GIMP ani_load_image() function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI...
1 affected package
gimp
| Package | 18.04 LTS |
|---|---|
| gimp | Needs evaluation |
Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 18.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability affects Firefox < 139 and Thunderbird < 139.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 18.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139 and Thunderbird < 139.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 18.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...
9 affected packages
mozjs78, mozjs91, mozjs102, mozjs115, firefox...
| Package | 18.04 LTS |
|---|---|
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
9 affected packages
mozjs68, firefox, thunderbird, mozjs38, mozjs52...
| Package | 18.04 LTS |
|---|---|
| mozjs68 | — |
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
9 affected packages
mozjs78, firefox, thunderbird, mozjs38, mozjs52...
| Package | 18.04 LTS |
|---|---|
| mozjs78 | — |
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only...
9 affected packages
mozjs52, firefox, thunderbird, mozjs38, mozjs68...
| Package | 18.04 LTS |
|---|---|
| mozjs52 | Ignored |
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 18.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | Needs evaluation |
| mozjs52 | Ignored |
| mozjs68 | — |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |