FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-25 07:15:41 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
985d4d6c-cfbd-11e3-a003-b4b52fce4ce8mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)

MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer

MFSA 2014-36 Web Audio memory corruption issues

MFSA 2014-37 Out of bounds read while decoding JPG images

MFSA 2014-38 Buffer overflow when using non-XBL object as XBL

MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video

MFSA 2014-41 Out-of-bounds write in Cairo

MFSA 2014-42 Privilege escalation through Web Notification API

MFSA 2014-43 Cross-site scripting (XSS) using history navigations

MFSA 2014-44 Use-after-free in imgLoader while resizing images

MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates

MFSA 2014-46 Use-after-free in nsHostResolve

MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript


Discovery 2014-04-29
Entry 2014-04-29
firefox
< 29.0,1

firefox-esr
< 24.5.0,1

linux-firefox
< 29.0,1

linux-seamonkey
< 2.26

linux-thunderbird
< 24.5.0

seamonkey
< 2.26

thunderbird
< 24.5.0

CVE-2014-1529
CVE-2014-1492
CVE-2014-1518
CVE-2014-1519
CVE-2014-1520
CVE-2014-1522
CVE-2014-1523
CVE-2014-1524
CVE-2014-1525
CVE-2014-1526
CVE-2014-1527
CVE-2014-1528
CVE-2014-1530
CVE-2014-1531
CVE-2014-1532
https://www.mozilla.org/security/announce/2014/mfsa2014-34.html
https://www.mozilla.org/security/announce/2014/mfsa2014-35.html
https://www.mozilla.org/security/announce/2014/mfsa2014-36.html
https://www.mozilla.org/security/announce/2014/mfsa2014-37.html
https://www.mozilla.org/security/announce/2014/mfsa2014-38.html
https://www.mozilla.org/security/announce/2014/mfsa2014-39.html
https://www.mozilla.org/security/announce/2014/mfsa2014-41.html
https://www.mozilla.org/security/announce/2014/mfsa2014-42.html
https://www.mozilla.org/security/announce/2014/mfsa2014-43.html
https://www.mozilla.org/security/announce/2014/mfsa2014-44.html
https://www.mozilla.org/security/announce/2014/mfsa2014-45.html
https://www.mozilla.org/security/announce/2014/mfsa2014-46.html
https://www.mozilla.org/security/announce/2014/mfsa2014-47.html
http://www.mozilla.org/security/known-vulnerabilities/
d1853110-07f4-4645-895b-6fd462ad0589mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

Please reference CVE/URL list for details


Discovery 2016-11-15
Entry 2016-11-16
firefox
< 50.0_1,1

seamonkey
linux-seamonkey
< 2.47

firefox-esr
< 45.5.0,1

linux-firefox
< 45.5.0,2

libxul
thunderbird
linux-thunderbird
< 45.5.0

CVE-2016-5289
CVE-2016-5290
CVE-2016-5291
CVE-2016-5292
CVE-2016-5293
CVE-2016-5294
CVE-2016-5295
CVE-2016-5296
CVE-2016-5297
CVE-2016-5298
CVE-2016-5299
CVE-2016-9061
CVE-2016-9062
CVE-2016-9063
CVE-2016-9064
CVE-2016-9065
CVE-2016-9066
CVE-2016-9067
CVE-2016-9068
CVE-2016-9070
CVE-2016-9071
CVE-2016-9072
CVE-2016-9073
CVE-2016-9074
CVE-2016-9075
CVE-2016-9076
CVE-2016-9077
https://www.mozilla.org/security/advisories/mfsa2016-89/
https://www.mozilla.org/security/advisories/mfsa2016-90/
18211552-f650-4d86-ba4f-e6d5cbfcdbebmozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-18356: Use-after-free in Skia

CVE-2019-5785: Integer overflow in Skia

CVE-2018-18511: Cross-origin theft of images with ImageBitmapRenderingContext


Discovery 2019-02-13
Entry 2019-02-13
firefox
< 65.0.1,1

firefox-esr
< 60.5.1,1

thunderbird
< 60.5.1

CVE-2018-18511
CVE-2018-18356
CVE-2019-5785
https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/
237a201c-888b-487f-84d3-7d92266381d6mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2015-95 Add-on notification bypass through data URLs

MFSA 2015-94 Use-after-free when resizing canvas element during restyling


Discovery 2015-08-27
Entry 2015-08-28
firefox
< 40.0.3,1

linux-firefox
< 40.0.3,1

firefox-esr
< 38.2.1,1

CVE-2015-4497
CVE-2015-4498
https://www.mozilla.org/security/advisories/mfsa2015-94/
https://www.mozilla.org/security/advisories/mfsa2015-95/
2c57c47e-8bb3-4694-83c8-9fc3abad3964mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2016-2827 - Out-of-bounds read in mozilla::net::IsValidReferrerPolicy [low]

CVE-2016-5256 - Memory safety bugs fixed in Firefox 49 [critical]

CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 [critical]

CVE-2016-5270 - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString [high]

CVE-2016-5271 - Out-of-bounds read in PropertyProvider::GetSpacingInternal [low]

CVE-2016-5272 - Bad cast in nsImageGeometryMixin [high]

CVE-2016-5273 - crash in mozilla::a11y::HyperTextAccessible::GetChildOffset [high]

CVE-2016-5274 - use-after-free in nsFrameManager::CaptureFrameState [high]

CVE-2016-5275 - global-buffer-overflow in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions [critical]

CVE-2016-5276 - Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList [high]

CVE-2016-5277 - Heap-use-after-free in nsRefreshDriver::Tick [high]

CVE-2016-5278 - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame [critical]

CVE-2016-5279 - Full local path of files is available to web pages after drag and drop [moderate]

CVE-2016-5280 - Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap [high]

CVE-2016-5281 - use-after-free in DOMSVGLength [high]

CVE-2016-5282 - Don't allow content to request favicons from non-whitelisted schemes [moderate]

CVE-2016-5283 -