Search CVE reports
31 – 40 of 21528 results
CVE-2024-11703
Medium priorityOn Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox < 133.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11702
Medium priorityCopying sensitive information from Private Browsing tabs on Android, such as passwords, may have inadvertently stored data in the cloud-based clipboard history if enabled. This vulnerability affects Firefox < 133 and Thunderbird < 133.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11701
Medium priorityThe incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133 and Thunderbird < 133.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11700
Medium priorityMalicious websites may have been able to user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities....
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11699
Medium priorityMemory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11698
Medium priorityA flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11697
Medium priorityWhen handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox <...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11696
Medium priorityThe application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11695
Medium priorityA crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird <...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |
CVE-2024-11694
Medium priorityEnhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 24.04 LTS |
|---|---|
| firefox | Not affected |
| mozjs102 | Ignored |
| mozjs115 | Ignored |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Not affected |