Search CVE reports

101 – 110 of 1992 results

Detailed view

Sort by:

CVE-2024-38312

Medium priority

Not affected

When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127.

2 affected packages

firefox, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	Not affected	—	—

CVE-2024-5699

Medium priority

Some fixes available 1 of 11

In violation of spec, cookie prefixes such as `__Secure` were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Not affected	Not affected	—	—

CVE-2024-5698

Medium priority

Some fixes available 1 of 11

By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Not affected	Not affected	—	—

CVE-2024-5701

Medium priority

Some fixes available 1 of 11

Memory safety bugs present in Firefox 126. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Not affected	Not affected	—	—

CVE-2024-5700

Medium priority

Some fixes available 4 of 13

Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Fixed	Fixed	—	—

CVE-2024-5697

Medium priority

Some fixes available 1 of 11

A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Not affected	Not affected	—	—

CVE-2024-5696

Medium priority

Some fixes available 4 of 13

By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Fixed	Fixed	—	—

CVE-2024-5695

Medium priority

Some fixes available 1 of 11

If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred....

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Not affected	Not affected	—	—

CVE-2024-5694

Medium priority

Some fixes available 1 of 11

An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127.

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Not affected	Not affected	—	—

CVE-2024-5693

Medium priority

Some fixes available 4 of 13

Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12,...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Not affected	Not affected	Fixed	—	—
mozjs102	Ignored	Ignored	Not in release	—	—
mozjs38	Not in release	Not in release	Not in release	Ignored	—
mozjs52	Not in release	Not in release	Ignored	Ignored	—
mozjs68	Not in release	Not in release	Ignored	—	—
mozjs78	Not in release	Ignored	Not in release	—	—
mozjs91	Not in release	Ignored	Not in release	—	—
thunderbird	Not affected	Fixed	Fixed	—	—

Export to JSON

Results by page: