Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

canonical ubuntu linux 13.04 vulnerabilities and exploits

(subscribe to this query)

4.9
CVSSv2
CVE-2013-1067
Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file....
Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 13.10Canonical Ubuntu Linux 12.04
1.9
CVSSv2
CVE-2013-2162
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and...
Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 10.04
1.9
CVSSv2
CVE-2013-1056
X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files....
Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 12.10
6.9
CVSSv2
CVE-2013-1060
A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd...
Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 13.10
4.3
CVSSv2
CVE-2013-4202
The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. ...
Openstack CinderCanonical Ubuntu Linux 13.04
6.8
CVSSv2
CVE-2013-1981
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5)...
X Libx11 1.5.0X Libx11Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 10.04
4.3
CVSSv2
CVE-2013-6858
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page....
Openstack HorizonOpensuse Opensuse 13.1Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 13.10
4.6
CVSSv2
CVE-2013-4256
Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2)...
Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 12.04Radscan Network Audio System 1.9.3
5
CVSSv2
CVE-2013-4668
Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory...
File Roller Project File RollerCanonical Ubuntu Linux 12.10Canonical Ubuntu Linux 13.04
2.6
CVSSv2
CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL...
Canonical Ubuntu Linux 13.04Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 12.10Httplib2 Project Httplib2Httplib2 Project Httplib2 0.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-36239CVE-2020-21806CVE-2021-31878arbitrary IDORCVE-2020-18158CVE-2021-3490remote code executionCVE-2021-20786
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook