Search CVE reports
81 – 90 of 20369 results
CVE-2024-9394
Medium priorityAn attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site"...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-9393
Medium priorityAn attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site"...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-9392
Medium priorityA compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-9370
Medium prioritysecurity update
1 affected packages
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
CVE-2024-9369
Medium prioritysecurity update
1 affected packages
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
CVE-2024-7025
Medium prioritysecurity update
1 affected packages
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
CVE-2024-47611
Medium priorityXZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or MSVC), the command line tools from XZ Utils 5.6.2 and older have a command line argument injection...
1 affected packages
xz-utils
| Package | 24.04 LTS |
|---|---|
| xz-utils | Not affected |
CVE-2024-47609
Medium priorityNot in release
Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. This can be...
1 affected packages
rust-tonic
| Package | 24.04 LTS |
|---|---|
| rust-tonic | Not in release |
CVE-2024-9341
Medium priorityA flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit...
1 affected packages
golang-github-containers-common
| Package | 24.04 LTS |
|---|---|
| golang-github-containers-common | Needs evaluation |
CVE-2024-9403
Medium priorityMemory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |