Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

831 – 840 of 1973 results

CVE-2018-12386

Medium priority

Some fixes available 30 of 37

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability...

4 affected packages

firefox, mozjs38, mozjs52, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-12385

Low priority
Fixed

A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability...

2 affected packages

firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed
thunderbird Fixed Fixed
Show less packages

CVE-2018-12383

Medium priority
Fixed

If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied...

2 affected packages

firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed
thunderbird Fixed Fixed
Show less packages

CVE-2018-12378

Medium priority
Fixed

A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability...

3 affected packages

firefox, firefox-esr, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed
firefox-esr Not in release Not in release
thunderbird Fixed Fixed
Show less packages

CVE-2018-12377

Medium priority
Fixed

A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash....

3 affected packages

firefox, firefox-esr, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed
firefox-esr Not in release Not in release
thunderbird Fixed Fixed
Show less packages

CVE-2018-12376

Medium priority

Some fixes available 30 of 37

Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This...

5 affected packages

firefox, firefox-esr, mozjs38, mozjs52, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-12374

Low priority
Fixed

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9.

1 affected packages

thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
thunderbird Fixed Fixed
Show less packages

CVE-2018-12373

Medium priority
Fixed

dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.

1 affected packages

thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
thunderbird Fixed Fixed
Show less packages

CVE-2018-12372

Medium priority
Fixed

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.

1 affected packages

thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
thunderbird Fixed Fixed
Show less packages

CVE-2018-5188

Medium priority

Some fixes available 38 of 41

Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary...

4 affected packages

firefox, mozjs38, mozjs52, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Fixed Fixed Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 82
  3. 83
  4. 84
  5. 85
  6. 86
  7. Next page
Export to JSON