Search CVE reports

Toggle filters

31 – 40 of 2161 results

CVE-2025-9185

Medium priority
Vulnerable

Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and...

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Vulnerable
mozjs38 Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored
mozjs91 Not in release Ignored
mozjs102 Ignored Ignored
mozjs115 Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-9184

Medium priority
Vulnerable

Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Vulnerable
mozjs38 Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored
mozjs91 Not in release Ignored
mozjs102 Ignored Ignored
mozjs115 Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-9183

Medium priority
Vulnerable

Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox ESR < 140.2.

9 affected packages

mozjs38, firefox, thunderbird, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs38 Not in release Not in release Needs evaluation
firefox Not affected Not affected
thunderbird Not affected Vulnerable
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored
mozjs91 Not in release Ignored
mozjs102 Ignored Ignored
mozjs115 Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-9182

Medium priority
Vulnerable

'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Vulnerable
mozjs38 Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored
mozjs91 Not in release Ignored
mozjs102 Ignored Ignored
mozjs115 Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-9181

Medium priority
Vulnerable

Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Vulnerable
mozjs38 Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored
mozjs91 Not in release Ignored
mozjs102 Ignored Ignored
mozjs115 Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-9180

Medium priority
Vulnerable

'Same-origin policy bypass in the Graphics: Canvas2D component.' This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Vulnerable
mozjs38 Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored
mozjs91 Not in release Ignored
mozjs102 Ignored Ignored
mozjs115 Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-9179

Medium priority
Vulnerable

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process....

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Vulnerable
mozjs38 Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored
mozjs78 Not in release Ignored
mozjs91 Not in release Ignored
mozjs102 Ignored Ignored
mozjs115 Ignored Not in release
Show all 9 packages Show less packages

CVE-2025-8042

Medium priority
Not affected

Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox < 141.

2 affected packages

firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Not affected
Show less packages

CVE-2025-8041

Medium priority
Not affected

In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability affects Firefox < 141.

2 affected packages

firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Not affected
Show less packages

CVE-2025-54145

Medium priority
Not affected

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for iOS < 141.

2 affected packages

firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Not affected
Show less packages
  1. Previous page
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. Next page
Export to JSON