Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.14%
  • Veröffentlicht 11.12.2013 15:55:12
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.

  • EPSS 3.4%
  • Veröffentlicht 11.12.2013 15:55:12
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset ...

Exploit
  • EPSS 9.45%
  • Veröffentlicht 11.12.2013 15:55:12
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause...

  • EPSS 2.35%
  • Veröffentlicht 11.12.2013 15:55:12
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a cra...

Exploit
  • EPSS 4.22%
  • Veröffentlicht 11.12.2013 15:55:12
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs,...

Exploit
  • EPSS 6.67%
  • Veröffentlicht 11.12.2013 15:55:12
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code...

Exploit
  • EPSS 8.09%
  • Veröffentlicht 11.12.2013 15:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and app...

  • EPSS 6.51%
  • Veröffentlicht 11.12.2013 15:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u...

  • EPSS 2.54%
  • Veröffentlicht 07.12.2013 20:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file.

Exploit
  • EPSS 3.79%
  • Veröffentlicht 03.12.2013 19:55:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended a...