Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 5.78%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 16.06.2026 23:44:36

The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cr...

  • EPSS 1.61%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 16.06.2026 23:44:36

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which allows remote attackers to conduct cross-site reques...

Exploit
  • EPSS 13.52%
  • Veröffentlicht 11.11.2012 13:00:58
  • Zuletzt bearbeitet 16.06.2026 23:45:24

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory...

Exploit
  • EPSS 0.81%
  • Veröffentlicht 04.11.2012 22:55:04
  • Zuletzt bearbeitet 16.06.2026 23:47:24

Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.

  • EPSS 9.25%
  • Veröffentlicht 04.11.2012 22:55:03
  • Zuletzt bearbeitet 16.06.2026 23:47:19

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.5...

Exploit
  • EPSS 2.84%
  • Veröffentlicht 29.10.2012 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:44:34

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), ...

  • EPSS 1.9%
  • Veröffentlicht 29.10.2012 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:44:34

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and prin...

Exploit
  • EPSS 3.29%
  • Veröffentlicht 29.10.2012 18:55:01
  • Zuletzt bearbeitet 16.06.2026 23:44:35

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a pro...

  • EPSS 2.71%
  • Veröffentlicht 17.10.2012 00:55:02
  • Zuletzt bearbeitet 16.06.2026 23:42:45

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

  • EPSS 5.1%
  • Veröffentlicht 17.10.2012 00:55:01
  • Zuletzt bearbeitet 16.06.2026 23:42:42

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Sc...