Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical ubuntu linux 13.04 vulnerabilities and exploits
(subscribe to this query)
1.2
CVSSv2
CVE-2013-6891
lppasswd in CUPS prior to 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
Apple Cups
Apple Cups 1.7
Apple Cups 1.7.1
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
6.8
CVSSv2
CVE-2013-0339
libxml2 up to and including 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote malicious users to cause a denial of service (resource consumption), se...
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.6.29
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Xmlsoft Libxml2 2.8.0
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.7.2
Xmlsoft Libxml2 2.4.21
Xmlsoft Libxml2 2.4.20
Xmlsoft Libxml2 2.3.7
2.6
CVSSv2
CVE-2013-2037
httplib2 0.7.2, 0.8, and previous versions, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users ...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Httplib2 Project Httplib2
Httplib2 Project Httplib2 0.8
2.1
CVSSv2
CVE-2013-4969
Puppet prior to 3.3.3 and 3.4 prior to 3.4.1 and Puppet Enterprise (PE) prior to 2.8.4 and 3.1 prior to 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.
Puppetlabs Puppet
Puppet Puppet Enterprise
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
4
CVSSv2
CVE-2013-6422
The GnuTLS backend in libcurl 7.21.4 up to and including 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote malicious users to spoof server...
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.04
Haxx Libcurl 7.30.0
Haxx Libcurl 7.28.0
Haxx Libcurl 7.23.1
Haxx Libcurl 7.21.4
Haxx Libcurl 7.27.0
Haxx Libcurl 7.26.0
Haxx Libcurl 7.25.0
Haxx Libcurl 7.24.0
Haxx Libcurl 7.33.0
Haxx Libcurl 7.32.0
Haxx Libcurl 7.21.5
Haxx Libcurl 7.21.6
Haxx Libcurl 7.21.7
Haxx Libcurl 7.31.0
Haxx Libcurl 7.29.0
Haxx Libcurl 7.28.1
Haxx Libcurl 7.23.0
10
CVSSv2
CVE-2013-5610
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox
Mozilla Seamonkey
Oracle Solaris 11.3
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
7.5
CVSSv2
CVE-2013-5619
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23 might allow remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via c...
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Oracle Solaris 11.3
5.8
CVSSv2
CVE-2013-5611
Mozilla Firefox prior to 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote malicious users to spoof a Web App installation site by controlling the timing of page navigation.
Oracle Solaris 11.3
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Desktop 11
Opensuse Project Opensuse 12.3
Opensuse Opensuse 13.1
Opensuse Project Opensuse 11.4
Mozilla Firefox 0.10
Mozilla Firefox 0.2
Mozilla Firefox 0.7.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.8
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.3
7.5
CVSSv2
CVE-2013-5615
The JavaScript implementation in Mozilla Firefox prior to 26.0, Firefox ESR 24.x prior to 24.2, Thunderbird prior to 24.2, and SeaMonkey prior to 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 11
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
4.3
CVSSv2
CVE-2013-6672
Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23 on Linux allow user-assisted remote malicious users to read clipboard data by leveraging certain middle-click paste operations.
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Oracle Solaris 11.3
Fedoraproject Fedora 19
Fedoraproject Fedora 20
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »