Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•6 views

CVE-2026-2791

Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00402EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2772

Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00469EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•1 views

CVE-2026-2770

Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00469EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•8 views

CVE-2026-2786

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2763

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00469EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2780

Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00339EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2790

Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00229EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2769

Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

8.8CVSS5.8AI score0.00419EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•5 views

CVE-2026-2781

Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35...

9.8CVSS5.9AI score0.0036EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2783

Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

7.5CVSS5.8AI score0.00285EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2774

Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.9AI score0.00543EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2776

Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

10CVSS5.8AI score0.00483EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•5 views

CVE-2026-2787

Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00402EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2773

Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00599EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2761

Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

10CVSS5.8AI score0.00395EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•1 views

CVE-2026-2782

Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00282EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2779

Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00604EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2778

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

10CVSS5.8AI score0.00483EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2764

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00469EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2785

Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•7 views

CVE-2026-2775

Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00552EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•1 views

CVE-2026-2793

Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

9.8CVSS6AI score0.00313EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2768

Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

10CVSS5.8AI score0.00366EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2766

Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00469EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2792

Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

9.8CVSS6AI score0.00313EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2777

Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2771

Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00483EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2767

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00384EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•1 views

CVE-2026-2784

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.0043EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2788

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00416EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2757

Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00491EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2765

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00469EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•2 views

CVE-2026-25576

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larg...

5.5CVSS6AI score0.00181EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•6 views

CVE-2026-24485

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage function becomes trapped in an infinite loop while searching for the Sync marker, causing...

7.5CVSS5.9AI score0.00449EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•3 views

CVE-2026-25987

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory...

9.1CVSS6AI score0.0037EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•2 views

CVE-2026-24484

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

5.3CVSS5.9AI score0.00401EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•4 views

CVE-2026-25798

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted imag...

7.5CVSS5.9AI score0.00429EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•4 views

CVE-2026-25970

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a...

7.5CVSS6AI score0.00275EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•6 views

CVE-2026-25638

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in coders/msl.c. In the WriteMSLImage function of the msl.c file, resources are allocated. But the function returns early without releasing...

5.3CVSS5.8AI score0.00325EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•3 views

CVE-2026-25988

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-4...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•5 views

CVE-2026-26983

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a...

5.3CVSS5.8AI score0.0045EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•3 views

CVE-2026-26066

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with IPTCTEXT. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

7.5CVSS5.9AI score0.00327EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•3 views

CVE-2026-25965

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/ can be...

8.6CVSS5.8AI score0.00671EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•2 views

CVE-2026-25986

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability exists in ReadYUVImage coders/yuv.c when processing malicious YUV 4:2:2 NoInterlace images. The pixel-pair loop write...

9.8CVSS6.1AI score0.00461EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•4 views

CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

7.8CVSS5.9AI score0.00135EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•4 views

CVE-2026-25985

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate 674 GB of memory, leading to an out-of-memory abort. Versions...

7.5CVSS5.9AI score0.00501EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•5 views

CVE-2026-25799

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resultin...

7.5CVSS5.9AI score0.00385EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•4 views

CVE-2026-1229

The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3...

9.8CVSS7.2AI score0.00397EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•1 views

CVE-2026-26981

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...

6.5CVSS5.8AI score0.00523EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/02/24 12:0 a.m.•3 views

CVE-2026-25969

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in coders/ashlar.c. The WriteASHLARImage allocates a structure. However, when an exception is thrown, the allocated memory is not properly released,...

7.5CVSS5.9AI score0.0036EPSS
Exploits0References2
Total number of security vulnerabilities68528