Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2015-4480

  • EPSS 2.28%
  • Veröffentlicht 16.08.2015 01:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.

10

CVE-2015-4479

  • EPSS 2.26%
  • Veröffentlicht 16.08.2015 01:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.

5

CVE-2015-4478

  • EPSS 0.66%
  • Veröffentlicht 16.08.2015 01:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse m...

10

CVE-2015-4477

  • EPSS 2.91%
  • Veröffentlicht 16.08.2015 01:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.

7.5

CVE-2015-4475

  • EPSS 1.25%
  • Veröffentlicht 16.08.2015 01:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of...

10

CVE-2015-4474

  • EPSS 2.21%
  • Veröffentlicht 16.08.2015 01:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10

CVE-2015-4473

  • EPSS 3.66%
  • Veröffentlicht 16.08.2015 01:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

5

CVE-2015-1819

  • EPSS 4.92%
  • Veröffentlicht 14.08.2015 18:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

5

CVE-2013-7443

Exploit
  • EPSS 1.27%
  • Veröffentlicht 12.08.2015 14:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.

4.3

CVE-2015-5523

Exploit
  • EPSS 5.03%
  • Veröffentlicht 11.08.2015 14:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which triggers a large memory allocation.