Search CVE reports
1 – 10 of 29676 results
CVE-2025-3085
Medium priorityA MongoDB server under specific conditions running on Linux with TLS and CRL revocation status checking enabled, fails to check the revocation status of the intermediate certificates in the peer's certificate chain. In cases of...
1 affected package
mongodb
| Package | 20.04 LTS |
|---|---|
| mongodb | Needs evaluation |
CVE-2025-3084
Medium priorityWhen run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to crashes in router servers. This affects MongoDB Server v5.0 prior to 5.0.31, MongoDB Server v6.0...
1 affected package
mongodb
| Package | 20.04 LTS |
|---|---|
| mongodb | Needs evaluation |
CVE-2025-3083
Medium prioritySpecifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB...
1 affected package
mongodb
| Package | 20.04 LTS |
|---|---|
| mongodb | Needs evaluation |
CVE-2025-3082
Medium priorityA user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB...
1 affected package
mongodb
| Package | 20.04 LTS |
|---|---|
| mongodb | Needs evaluation |
CVE-2025-30673
Medium priorityNot in release
Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may...
1 affected package
libsub-handlesvia-perl
| Package | 20.04 LTS |
|---|---|
| libsub-handlesvia-perl | Not in release |
CVE-2025-3035
Medium priorityBy first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox < 137.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | Vulnerable |
| mozjs102 | Not in release |
| mozjs115 | Not in release |
| mozjs38 | Not in release |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Vulnerable |
CVE-2025-3034
Medium priorityMemory safety bugs present in Firefox 136 and Thunderbird 136. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | Vulnerable |
| mozjs102 | Not in release |
| mozjs115 | Not in release |
| mozjs38 | Not in release |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Vulnerable |
CVE-2025-3033
Medium priorityAfter selecting a malicious Windows `.url` shortcut from the local filesystem, an unexpected file could be uploaded. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | Vulnerable |
| mozjs102 | Not in release |
| mozjs115 | Not in release |
| mozjs38 | Not in release |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Vulnerable |
CVE-2025-3032
Medium priorityLeaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability affects Firefox < 137 and Thunderbird < 137.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | Vulnerable |
| mozjs102 | Not in release |
| mozjs115 | Not in release |
| mozjs38 | Not in release |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Vulnerable |
CVE-2025-3031
Medium priorityAn attacker could read 32 bits of values spilled onto the stack in a JIT compiled function. This vulnerability affects Firefox < 137 and Thunderbird < 137.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | Vulnerable |
| mozjs102 | Not in release |
| mozjs115 | Not in release |
| mozjs38 | Not in release |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| thunderbird | Vulnerable |