6491 matches found
Text::CSV_XS -- CWE-825 Expired Pointer Dereference
H.Merijn Brand - Tux reports: Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example...
firefox -- Information disclosure
https://bugzilla.mozilla.org/showbug.cgi?id=2027433 reports: Information disclosure due to incorrect boundary conditions in the Audio/Video component...
firefox -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=2029419%2C2029717%2C2029769%2C2029886 reports: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
Mozilla -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=2028537%2C2029911%2C2031121%2C2033602 reports: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
Mozilla -- Sandbox escape
https://bugzilla.mozilla.org/showbug.cgi?id=2029461 reports: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...
modsecurity3 -- multiple vulnerabilities
ModSecurity is an open source web application firewall engine. According to the upstream changelog, multiple vulnerabilities have been fixed. CVE-2026-42268: unsigned integer underflow in verify operators CVE-2026-30923: buffer overflow in hexdecode...
firefox -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=2021904%2C2022731%2C2027158%2C2027733%2C2027973%2C2027976%2C2028231%2C2028731%2C2028886%2C2029067%2C2029700%2C2029724%2C2029806%2C2029814%2C2030108%2C2030111%2C2031524%2C2031921%2C2032040 reports: Memory safety bugs. Some of these bugs showed evidenc...
firefox -- Information disclosure
https://bugzilla.mozilla.org/showbug.cgi?id=2027433 reports: Information disclosure due to incorrect boundary conditions in the Audio/Video component...
Gitlab -- vulnerabilities
Gitlab reports: Cross-Site Request Forgery issue in GraphQL API impacts GitLab CE/EE GitLab Improper Resolution of Path Equivalence issue in Web IDE asset impacts GitLab CE/EE Cross-site Scripting issue in Storybook impacts GitLab CE/EE Denial of Service issue in discussions endpoint impacts GitL...
firefox -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2014596 reports: Use-after-free in the DOM: Core & HTML component...
Mozilla -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=1536243%2C1745382%2C1851073%2C1893400%2C1963301%2C2001319%2C2002899%2C2012436%2C2014435%2C2016901%2C2019916%2C2020486%2C2020612%2C2020817%2C2021788%2C2022051%2C2022367%2C2022431%2C2023302%2C2023670%2C2024225%2C2024238%2C2024240%2C2024265%2C2024367%2C...
Mozilla -- Other issue in the JavaScript Engine component
https://bugzilla.mozilla.org/showbug.cgi?id=2023343 reports: Other issue in the JavaScript Engine component...
Mozilla -- Incorrect boundary
https://bugzilla.mozilla.org/showbug.cgi?id=2027501 reports: Incorrect boundary conditions in the WebRTC component...
FreeBSD -- Kernel use-after-free bug in the TIOCNOTTY handler
Problem Description: The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the terminal structure may end up containing a pointer to freed memory. Impact: A...
Mozilla -- Incorrect boundary conditions
https://bugzilla.mozilla.org/showbug.cgi?id=2027499 reports: Incorrect boundary conditions in the WebRTC component...
Mozilla -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=2010727%2C2019004%2C2019224%2C2019547%2C2020378%2C2022381%2C2022608%2C2022785%2C2023120%2C2023128%2C2023140%2C2023279%2C2023836%2C2023882%2C2023925%2C2023950%2C2023959%2C2023965%2C2024243%2C2024245%2C2024247%2C2024253%2C2024346%2C2024357%2C2024416%2C...
Mozilla -- Privilege escalation in the Debugger component
https://bugzilla.mozilla.org/showbug.cgi?id=2023753 reports: Privilege escalation in the Debugger component...
Mozilla -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2013619 reports: Use-after-free in the JavaScript: WebAssembly component...
Mozilla -- Information disclosure
https://bugzilla.mozilla.org/showbug.cgi?id=2022610 reports: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component...
Mozilla -- Other issue in the Networking: DNS component
https://bugzilla.mozilla.org/showbug.cgi?id=2022726 reports: Other issue in the Networking: DNS component...
Mozilla -- Incorrect boundary conditions
https://bugzilla.mozilla.org/showbug.cgi?id=2023207 reports: Incorrect boundary conditions in the Libraries component in NSS...
Mozilla -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2027541 reports: Use-after-free in the JavaScript Engine component...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=1880429 reports: Mitigation bypass in the DOM: postMessage component...
libXpm -- Out-of-bounds read in xpmNextWord()
The X.Org project reports: libXpm uses a number of internal helper functions to parse the XPM file format. One of these internal functions, xpmNextString, checks for the NULL terminator when looking for the end of the current string but not when looking for the beginning of the next string. A sma...
MySQL -- Multiple vulnerabilities
Oracle reports: See linked CVE's for details...
Mozilla -- Incorrect boundary conditions
https://bugzilla.mozilla.org/showbug.cgi?id=2021770 reports: Incorrect boundary conditions in the WebRTC: Networking component...
Mozilla -- Information disclosure
https://bugzilla.mozilla.org/showbug.cgi?id=2022419 reports: Information disclosure in the Form Autofill component...
Mozilla -- Uninitialized memory
https://bugzilla.mozilla.org/showbug.cgi?id=2025883 reports: Uninitialized memory in the Audio/Video: Web Codecs component...
Mozilla -- Uninitialized memory
https://bugzilla.mozilla.org/showbug.cgi?id=2022604 reports: Uninitialized memory in the Audio/Video: Web Codecs component...
Mozilla -- Information disclosure in the IP Protection component
https://bugzilla.mozilla.org/showbug.cgi?id=2026571 reports: Information disclosure in the IP Protection component...
Mozilla -- Denial-of-service
https://bugzilla.mozilla.org/showbug.cgi?id=2025583 reports: Denial-of-service in the Audio/Video: Playback component...
Mozilla -- Denial-of-service
https://bugzilla.mozilla.org/showbug.cgi?id=2015959 reports: Denial-of-service due to integer overflow in the Graphics: WebGPU component...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2016923 reports: Mitigation bypass in the Networking: Cookies component...
Mozilla -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2021769 reports: Use-after-free in the WebRTC component...
Mozilla -- Memory safety bugs
https://bugzilla.mozilla.org/buglist.cgi?bugid=1935995%2C1999158%2C2015952%2C2021909%2C2022026%2C2022041%2C2022088%2C2022276%2C2022335%2C2022338%2C2022373%2C2022597%2C2022874%2C2023276%2C2023544%2C2023551%2C2023599%2C2023608%2C2023814%2C2024233%2C2024239%2C2024241%2C2024242%2C2024250%2C2024251%2C...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2025067 reports: Mitigation bypass in the DOM: Security component...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2023615 reports: Mitigation bypass in the Networking: Cookies component...
Mozilla -- Incorrect boundary conditions in the WebRTC component
https://bugzilla.mozilla.org/showbug.cgi?id=2021768 reports: Incorrect boundary conditions in the WebRTC component...
Mozilla -- Incorrect boundary conditions
https://bugzilla.mozilla.org/showbug.cgi?id=2026089 reports: Incorrect boundary conditions in the Libraries component in NSS...
Mozilla -- Invalid pointer
https://bugzilla.mozilla.org/showbug.cgi?id=2022746 reports: Invalid pointer in the Audio/Video: Playback component...
Mozilla -- Other issue in the Storage: IndexedDB component
https://bugzilla.mozilla.org/showbug.cgi?id=2024220 reports: Other issue in the Storage: IndexedDB component...
Mozilla -- Other issue in the Libraries component in NSS
https://bugzilla.mozilla.org/showbug.cgi?id=2023209 reports: Other issue in the Libraries component in NSS...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2021666 reports: Mitigation bypass in the File Handling component...
Mozilla -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=2016164 reports: Use-after-free in the Widget: Cocoa component...
Mozilla -- Mitigation bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2016915 reports: Mitigation bypass in the DOM: Security component...
Mozilla -- Incorrect boundary conditions
https://bugzilla.mozilla.org/showbug.cgi?id=2022162 reports: Incorrect boundary conditions in the DOM: Device Interfaces component...
FreeBSD -- Missing large page handling in pmap_pkru_update_range()
Problem Description: In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface...
Mozilla -- Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component
https://bugzilla.mozilla.org/showbug.cgi?id=2027564 reports: Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component...
Mozilla -- Spoofing issue
https://bugzilla.mozilla.org/showbug.cgi?id=2021080 reports: Spoofing issue in the DOM: Core & HTML component...
Mozilla -- Privilege escalation
https://bugzilla.mozilla.org/showbug.cgi?id=2017857 reports: Privilege escalation in the Networking component...