20 matches found
CVE-2026-42766
Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is define...
EUVD-2022-53139
Malicious code in bioql PyPI...
Important: firefox
Issue Overview: The parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process. This vulnerability affects Thunderbird 91.9. CVE-2022-29913 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describe...
SUSE CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
SUSE SLED15 / SLES15 Security Update : mozilla-nss (SUSE-SU-2022:2595-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2595-1 advisory. - A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially furth...
MGASA-2022-0220 Updated firefox/nss/nspr packages fix security vulnerability
A malicious website could have learned the size of a cross-origin resource that supported Range requests CVE-2022-31736. A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash CVE-2022-31737. When exiting fullscreen...
Updated thunderbird packages fix security vulnerability
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:1921-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1921-1 advisory. - A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability...
SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:1927-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1927-1 advisory. - A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability...
UBUNTU-CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
Mozilla Firefox < 101.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 101.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-20 advisory. - Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Tea...
Mozilla Firefox < 101.0
The version of Firefox installed on the remote Windows host is prior to 101.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-20 advisory. - Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported...
Mozilla Thunderbird < 91.10
The version of Thunderbird installed on the remote Windows host is prior to 91.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-22 advisory. - Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs...
Security Vulnerabilities fixed in Firefox 101 — Mozilla
A malicious website could have learned the size of a cross-origin resource that supported Range requests. A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. When exiting fullscreen mode, an iframe could have...