Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

811 – 820 of 1973 results

CVE-2018-18505

Medium priority

Some fixes available 30 of 40

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-18501

Medium priority

Some fixes available 30 of 40

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-18500

Medium priority

Some fixes available 30 of 40

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This...

5 affected packages

firefox, mozjs38, mozjs52, mozjs60, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-12389

Low priority
Fixed

Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited...

1 affected packages

thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
thunderbird Fixed Fixed
Show less packages

CVE-2018-18511

Medium priority

Some fixes available 29 of 39

Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability...

6 affected packages

firefox, mozjs38, mozjs52, mozjs60, skia, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
skia Not in release Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-18509

Medium priority
Fixed

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker...

1 affected packages

thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
thunderbird Fixed Fixed
Show less packages

CVE-2018-18335

Medium priority
Fixed

Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
thunderbird Not affected Not affected
Show less packages

CVE-2018-18498

Low priority
Fixed

A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability...

2 affected packages

firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed
thunderbird Fixed Fixed
Show less packages

CVE-2018-18494

Medium priority
Fixed

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy...

2 affected packages

firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed
thunderbird Fixed Fixed
Show less packages

CVE-2018-18493

Medium priority
Fixed

A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable...

2 affected packages

firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed
thunderbird Fixed Fixed
Show less packages
  1. Previous page
  2. 80
  3. 81
  4. 82
  5. 83
  6. 84
  7. Next page
Export to JSON