Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical ubuntu linux 13.04 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6891
lppasswd in CUPS prior to 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
Apple Cups 1.7.1
Apple Cups 1.7
Apple Cups
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
NA
CVE-2013-0339
libxml2 up to and including 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote malicious users to cause a denial of service (resource consumption), se...
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.6.29
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Xmlsoft Libxml2 2.8.0
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.7.2
Xmlsoft Libxml2 2.4.21
Xmlsoft Libxml2 2.4.20
Xmlsoft Libxml2 2.3.7
NA
CVE-2013-2037
httplib2 0.7.2, 0.8, and previous versions, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users ...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Httplib2 Project Httplib2
Httplib2 Project Httplib2 0.8
NA
CVE-2013-4969
Puppet prior to 3.3.3 and 3.4 prior to 3.4.1 and Puppet Enterprise (PE) prior to 2.8.4 and 3.1 prior to 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.
Puppetlabs Puppet
Puppet Puppet Enterprise
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
NA
CVE-2013-6422
The GnuTLS backend in libcurl 7.21.4 up to and including 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote malicious users to spoof server...
Debian Debian Linux 7.0
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Haxx Libcurl 7.30.0
Haxx Libcurl 7.25.0
Haxx Libcurl 7.33.0
Haxx Libcurl 7.23.0
Haxx Libcurl 7.26.0
Haxx Libcurl 7.31.0
Haxx Libcurl 7.22.0
Haxx Libcurl 7.28.0
Haxx Libcurl 7.21.5
Haxx Libcurl 7.24.0
Haxx Libcurl 7.27.0
Haxx Libcurl 7.23.1
Haxx Libcurl 7.21.6
Haxx Libcurl 7.21.7
Haxx Libcurl 7.32.0
Haxx Libcurl 7.29.0
Haxx Libcurl 7.28.1
NA
CVE-2013-6672
Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23 on Linux allow user-assisted remote malicious users to read clipboard data by leveraging certain middle-click paste operations.
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Oracle Solaris 11.3
Fedoraproject Fedora 20
Fedoraproject Fedora 19
5.9
CVSSv3
CVE-2013-6673
Mozilla Firefox prior to 26.0, Firefox ESR 24.x prior to 24.2, Thunderbird prior to 24.2, and SeaMonkey prior to 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle malicious users to spoof SSL servers in ...
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
9.8
CVSSv3
CVE-2013-5615
The JavaScript implementation in Mozilla Firefox prior to 26.0, Firefox ESR 24.x prior to 24.2, Thunderbird prior to 24.2, and SeaMonkey prior to 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified...
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 12.3
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Suse Suse Linux Enterprise Desktop 11
Suse Suse Linux Enterprise Server 11
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
NA
CVE-2013-5619
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23 might allow remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via c...
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Oracle Solaris 11.3
NA
CVE-2013-5610
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox
Mozilla Seamonkey
Oracle Solaris 11.3
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »