Select Page

All

Popular
Loading

CVE-2012-3990 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_sdk, linux_enterprise_server, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows...

Read More

CVE-2012-4188 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_sdk, linux_enterprise_server, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote...

Read More

CVE-2012-3995 (enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_sdk, linux_enterprise_server, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute...

Read More

CVE-2012-4179 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_sdk, linux_enterprise_server, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before...

Read More

CVE-2012-4182 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_sdk, linux_enterprise_server, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13...

Read More

CVE-2012-4184 (enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_sdk, linux_enterprise_server, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to...

Read More

CVE-2012-4207 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, opensuse, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~...

Read More

CVE-2012-4209 (enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, opensuse, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a “top” frame name-attribute value to access...

Read More

CVE-2012-4216 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, opensuse, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows...

Read More

CVE-2012-4214 (enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, opensuse, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before...

Read More

CVE-2012-5830 (enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_server_eus, enterprise_linux_workstation, firefox, firefox_esr, opensuse, seamonkey, suse_linux_enterprise_desktop, suse_linux_enterprise_server, suse_linux_enterprise_software_development_kit, thunderbird, thunderbird_esr, ubuntu_linux)

Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute...

Read More

CVE-2014-5077 (enterprise_linux_eus, enterprise_linux_server_aus, enterprise_linux_server_tus, linux_enterprise_desktop, linux_enterprise_real_time_extension, linux_enterprise_server, linux_kernel, ubuntu_linux)

The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting...

Read More

CVE-2014-8559 (evergreen, linux, linux_enterprise_real_time_extension, linux_enterprise_software_development_kit, linux_enterprise_workstation_extension, linux_kernel, opensuse, suse_linux_enterprise_desktop, suse_linux_enterprise_server, ubuntu_linux)

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted...

Read More

CVE-2020-0261

In C2 flame devices, there is a possible bypass of seccomp due to a missing configuration file. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Read More

CVE-2020-24332

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing...

Read More

CVE-2020-24331

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this...

Read More
Loading