Search CVE reports

Toggle filters

241 – 250 of 599 results

CVE-2025-11710

Medium priority

Some fixes available 1 of 11

A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29,...

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-11709

Medium priority

Some fixes available 1 of 11

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4,...

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-11708

Medium priority

Some fixes available 1 of 11

Use-after-free in MediaTrackGraphImpl::GetInstance(). This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-11153

Medium priority
Needs evaluation

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 143.0.3.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-10537

Medium priority

Some fixes available 1 of 11

Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-10536

Medium priority

Some fixes available 1 of 11

Information disclosure in the Networking: Cache component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-10533

Medium priority

Some fixes available 1 of 11

Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-10532

Medium priority

Some fixes available 1 of 11

Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-10529

Medium priority

Some fixes available 1 of 11

Same-origin policy bypass in the Layout component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-10528

Medium priority

Some fixes available 1 of 11

Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Fixed
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages
  1. Previous page
  2. 23
  3. 24
  4. 25
  5. 26
  6. 27
  7. Next page
Export to JSON