Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

801 – 810 of 1973 results

CVE-2019-9790

Medium priority

Some fixes available 30 of 40

A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-9788

Negligible priority

Some fixes available 30 of 40

Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-5798

Medium priority
Fixed

Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
thunderbird Fixed Fixed
Show less packages

CVE-2018-18499

Medium priority

Some fixes available 29 of 39

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy...

6 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-1988

Medium priority
Not affected

In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileges needed. User interaction is...

7 affected packages

chromium-browser, firefox, mozjs38, mozjs52, mozjs60...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Not affected
firefox Not affected Not affected
mozjs38 Not affected Not in release
mozjs52 Not affected Not in release
mozjs60 Not in release Not in release
qtwebengine-opensource-src Not affected Not in release
thunderbird Not affected Not affected
Show all 7 packages Show less packages

CVE-2019-1987

Medium priority
Not affected

In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for...

7 affected packages

chromium-browser, firefox, mozjs38, mozjs52, mozjs60...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Not affected
firefox Not affected Not affected
mozjs38 Not affected Not in release
mozjs52 Not affected Not in release
mozjs60 Not in release Not in release
qtwebengine-opensource-src Not affected Not in release
thunderbird Not affected Not affected
Show all 7 packages Show less packages

CVE-2019-1986

Medium priority
Not affected

In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges...

7 affected packages

chromium-browser, firefox, mozjs38, mozjs52, mozjs60...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Not affected
firefox Not affected Not affected
mozjs38 Not affected Not in release
mozjs52 Not affected Not in release
mozjs60 Not in release Not in release
qtwebengine-opensource-src Not affected Not in release
thunderbird Not affected Not affected
Show all 7 packages Show less packages

CVE-2019-5785

Medium priority

Some fixes available 30 of 40

Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs60...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
skia Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show all 7 packages Show less packages

CVE-2019-7317

Medium priority

Some fixes available 37 of 40

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

8 affected packages

firefox, libpng, libpng1.6, openjdk-12, openjdk-8...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
libpng Not in release Not in release Not in release Not in release Not affected
libpng1.6 Not affected Not affected Not affected Fixed Vulnerable
openjdk-12 Not in release Not in release Not in release Not in release Not in release
openjdk-8 Not affected Not affected Not affected Fixed Fixed
openjdk-9 Not in release Not in release Not in release Not in release Ignored
openjdk-lts Not affected Not affected Not affected Fixed Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show all 8 packages Show less packages

CVE-2018-18506

Medium priority

Some fixes available 30 of 40

When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 79
  3. 80
  4. 81
  5. 82
  6. 83
  7. Next page
Export to JSON