Search CVE reports

Toggle filters

11 – 20 of 3104 results

CVE-2026-8401

Medium priority
Vulnerable

(Sandbox escape in the Profile Backup component. This vulnerability was ...)

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2026-8389

Medium priority
Vulnerable

(JIT miscompilation in the JavaScript Engine: JIT component. This vulne ...)

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2026-8391

Medium priority
Vulnerable

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2026-8390

Medium priority
Vulnerable

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2026-8388

Medium priority
Vulnerable

Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2026-45186

Medium priority
Needs evaluation

In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.

23 affected packages

expat, apache2, apr-util, cmake, ghostscript...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
expat Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gdcm Not affected Not affected Not affected Not affected Needs evaluation
ayttm Not in release Not in release Not in release
cableswig Not in release Not in release Not in release
coin3 Not affected Not affected Not affected Not affected Needs evaluation
matanza Ignored Ignored Ignored Ignored Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vtk Not in release Not in release Not in release
smart Not in release Not in release Not in release Needs evaluation
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected
libxmltok Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages

CVE-2026-8093

Medium priority
Vulnerable

Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was...

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2026-8092

Medium priority
Vulnerable

Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited...

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2026-8091

Medium priority
Vulnerable

Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages

CVE-2026-8090

Medium priority
Vulnerable

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.

9 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
thunderbird Not affected Not affected Vulnerable
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
Show all 9 packages Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON