VIR Vulnerability Intelligence Relay

Search

Found 1,064 results in 184ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2013-0212 medium 4.0 FIX debian debianubuntu ubuntu openstack 14y ago OpenStack Glance logs user name and password in cleartext
CVE-2013-0247 medium 5.0 FIX ubuntu ubuntudebian debian openstack 14y ago OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid …
CVE-2012-6093 medium 4.3 suse suseubuntu ubuntu qt 14y ago The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory fro…
CVE-2012-5624 medium 4.3 ubuntu ubuntu digiaqt 14y ago The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensi…
CVE-2013-0784 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (me…
CVE-2013-0783 critical 9.3 suse suseubuntu ubuntu rhel mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey…
CVE-2013-0782 critical 9.3 suse suseubuntu ubuntu rhel mozilla 14y ago Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before …
CVE-2013-0781 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitra…
CVE-2013-0780 critical 9.3 suse suseubuntu ubuntu rhel mozilla 14y ago Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x befo…
CVE-2013-0779 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial o…
CVE-2013-0778 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of s…
CVE-2013-0777 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arb…
CVE-2013-0776 medium 4.0 suse suseubuntu ubuntu rhel mozilla 14y ago Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the ad…
CVE-2013-0775 critical 9.3 suse suseubuntu ubuntu rhel mozilla 14y ago Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x bef…
CVE-2013-0774 medium 4.3 suse suseubuntu ubuntu mozilla 14y ago Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading th…
CVE-2013-0773 critical 9.3 suse suseubuntu ubuntudebian debian mozilla 14y ago The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17…
CVE-2013-0772 medium 5.8 suse suseubuntu ubuntu rhel mozilla 14y ago The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory …
CVE-2013-0765 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restricti…
CVE-2013-0208 medium 6.5 FIX debian debianubuntu ubuntu openstack 14y ago The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_de…
CVE-2012-6075 critical 9.3 FIX ubuntu ubuntu rhelsuse suse qemuredhat 14y ago Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a…
CVE-2013-0189 medium 5.0 FIX ubuntu ubuntudebian debian squid-cache 14y ago cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue…
CVE-2013-0170 medium 6.8 FIX debian debianubuntu ubuntu rhel redhat 14y ago Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allo…
CVE-2013-1620 medium 4.3 FIX debian debianubuntu ubuntu rhel mozillaoracle 14y ago The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC p…
CVE-2013-0256 medium 4.3 ubuntu ubuntu ruby-lang 14y ago RDoc contains XSS vulnerability
CVE-2012-2137 medium 6.9 FIX debian debianubuntu ubuntu linux-kernel 14y ago Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors r…
CVE-2012-5656 medium 5.5 5.5 FIX debian debianubuntu ubuntususe suse inkscape 14y ago The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.
CVE-2013-0389 medium 6.8 ubuntu ubuntu oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to S…
CVE-2013-0386 medium 6.8 ubuntu ubuntu oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
CVE-2013-0385 medium 6.6 ubuntu ubuntu rhel oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to…
CVE-2013-0384 medium 6.8 ubuntu ubuntu rhel oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to I…
CVE-2013-0383 medium 4.3 ubuntu ubuntu rhel oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Lock…
CVE-2013-0375 medium 5.4 5.4 ubuntu ubuntu rhel oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vec…
CVE-2013-0371 medium 4.0 ubuntu ubuntu oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
CVE-2013-0368 medium 4.0 ubuntu ubuntu oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
CVE-2013-0367 medium 4.0 ubuntu ubuntu oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
CVE-2012-5060 medium 6.8 ubuntu ubuntu oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
CVE-2012-1705 medium 4.0 ubuntu ubuntu rhel oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Ser…
CVE-2012-1702 medium 5.0 ubuntu ubuntu rhel oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
CVE-2012-0578 medium 4.0 ubuntu ubuntu oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2012-0574 medium 4.0 ubuntu ubuntu rhel oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
CVE-2012-0572 medium 4.0 ubuntu ubuntu rhel oraclemariadb 14y ago Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Inn…
CVE-2013-0771 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x befor…
CVE-2013-0770 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (me…
CVE-2013-0769 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x befo…
CVE-2013-0768 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey b…
CVE-2013-0767 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.1…
CVE-2013-0766 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR …
CVE-2013-0764 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15…
CVE-2013-0763 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote att…
CVE-2013-0762 critical 9.3 suse suse rhelubuntu ubuntu mozilla 14y ago Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR…
CVE-2013-0761 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x …
CVE-2013-0760 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitra…
CVE-2013-0759 medium 5.0 ubuntu ubuntususe suse rhel mozilla 14y ago Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 a…
CVE-2013-0758 critical 10.0 EXP ubuntu ubuntususe suse rhel mozilla 14y ago Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 a…
CVE-2013-0757 critical 10.0 EXP ubuntu ubuntususe suse mozilla 14y ago The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15…
CVE-2013-0756 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey …
CVE-2013-0755 critical 9.3 suse suseubuntu ubuntu mozilla 14y ago Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x be…
CVE-2013-0754 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 1…
CVE-2013-0753 critical 10.0 EXP ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird…
CVE-2013-0752 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code …
CVE-2013-0750 critical 9.3 suse suseubuntu ubuntu rhel mozilla 14y ago Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.1…
CVE-2013-0749 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey…
CVE-2013-0748 medium 4.3 suse suseubuntu ubuntu rhel mozilla 14y ago The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17…
CVE-2013-0747 medium 6.8 ubuntu ubuntususe suse mozilla 14y ago The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMon…
CVE-2013-0746 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 d…
CVE-2013-0745 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly…
CVE-2013-0744 critical 9.3 suse suseubuntu ubuntu rhel mozilla 14y ago Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird b…
CVE-2012-0962 medium 4.3 ubuntu ubuntu sebastian_heinlein 14y ago Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-t…
CVE-2012-5144 critical 10.0 FIX debian debiansuse suseubuntu ubuntu libavgoogle 14y ago Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory …
CVE-2012-5612 medium 7.5 EXP suse suseubuntu ubuntu mariadboracle 14y ago Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (m…
CVE-2012-5843 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memo…
CVE-2012-5842 critical 9.3 ubuntu ubuntususe susedebian debian mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey…
CVE-2012-5841 medium 4.3 ubuntu ubuntususe suse rhel mozilla 14y ago Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering …
CVE-2012-5840 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.…
CVE-2012-5839 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.…
CVE-2012-5838 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause …
CVE-2012-5835 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows…
CVE-2012-5833 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey befor…
CVE-2012-5829 critical 9.3 ubuntu ubuntususe susedebian debian mozilla 14y ago Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and S…
CVE-2012-4218 critical 10.0 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to e…
CVE-2012-4217 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute…
CVE-2012-4216 critical 9.3 ubuntu ubuntususe susedebian debian mozilla 14y ago Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and S…
CVE-2012-4215 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x befor…
CVE-2012-4214 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.…
CVE-2012-4213 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary…
CVE-2012-4212 critical 10.0 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary cod…
CVE-2012-4209 medium 4.3 suse suseubuntu ubuntu rhel mozilla 14y ago Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribut…
CVE-2012-4208 medium 4.3 ubuntu ubuntususe suse mozilla 14y ago The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote atta…
CVE-2012-4207 medium 4.3 ubuntu ubuntususe susedebian debian mozilla 14y ago The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do…
CVE-2012-4205 medium 6.8 ubuntu ubuntususe suse mozilla 14y ago Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which a…
CVE-2012-4204 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a deni…
CVE-2012-4202 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.1…
CVE-2012-4201 medium 4.3 ubuntu ubuntususe susedebian debian mozilla 14y ago The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incor…
CVE-2012-4564 medium 6.8 FIX ubuntu ubuntususe susedebian debian libtiff 14y ago ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM ima…
CVE-2012-5821 medium 5.9 5.9 ubuntu ubuntu lynx 14y ago Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to …
CVE-2012-5783 medium 5.8 FIX slesdebian debianubuntu ubuntu apache 14y ago Improper Certificate Validation in Apache Commons HttpClient
CVE-2012-4196 medium 6.4 rhelubuntu ubuntususe suse mozilla 14y ago Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same O…
CVE-2012-4195 medium 4.3 rhelubuntu ubuntususe suse mozilla 14y ago The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does n…
CVE-2012-4194 medium 4.3 rhelubuntu ubuntususe suse mozilla 14y ago Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to…
CVE-2012-3180 medium 4.0 rhelubuntu ubuntudebian debian oraclemariadb 14y ago Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…