Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

common desktop environment project common desktop environment - vulnerabilities and exploits

(subscribe to this query)
8.8
CVSSv3
CVE-2010-2753
Integer overflow in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allows remote malicious users to execute arbitrary code via a large selection attribute in a XUL tree elemen...
Mozilla FirefoxMozilla SeamonkeyMozilla Thunderbird 3.1Mozilla ThunderbirdSuse Linux Enterprise Desktop 11Opensuse Opensuse 11.1Suse Linux Enterprise Server 11Opensuse Opensuse 11.2Opensuse Opensuse 11.3Suse Linux Enterprise Software Development Kit 11
7.5
CVSSv3
CVE-2009-1837
Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 prior to 3.0.11 might allow remote malicious users to execute arbitrary code via a page transition during Java applet loading, related to a use-afte...
Mozilla FirefoxDebian Debian Linux 5.0Fedoraproject Fedora 10Fedoraproject Fedora 9Redhat Enterprise Linux Server 5.0Redhat Enterprise Linux 4.0Redhat Enterprise Linux Workstation 5.0Redhat Enterprise Linux 5.0Redhat Enterprise Linux Desktop 4.0Redhat Enterprise Linux Desktop 5.0Redhat Enterprise Linux Server 4.0Redhat Enterprise Linux Workstation 4.0Redhat Enterprise Linux Server Aus 5.3Redhat Enterprise Linux Eus 5.3Redhat Enterprise Linux Eus 4.8
5.6
CVSSv3
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308Intel Atom C C2316Intel Atom C C2338Intel Atom C C2350Intel Atom C C2358Intel Atom C C2508Intel Atom C C2516Intel Atom C C2518Intel Atom C C2530Intel Atom C C2538Intel Atom C C2550Intel Atom C C2558Intel Atom C C2718Intel Atom C C2730Intel Atom C C2738Intel Atom C C2750Intel Atom C C2758Intel Atom C C3308Intel Atom C C3338Intel Atom C C3508Intel Atom C C3538Intel Atom C C3558
NA
CVE-2010-5298
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL up to and including 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote malicious users to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL conn...
Openssl OpensslMariadb MariadbFedoraproject Fedora 20Fedoraproject Fedora 19Suse Linux Enterprise Server 12Suse Linux Enterprise Software Development Kit 12Suse Linux Enterprise Desktop 12Suse Linux Enterprise Workstation Extension 12
NA
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle malicious users...
Opera Opera Browser -Microsoft Internet Explorer -Microsoft Windows -Google Chrome -Mozilla Firefox -Siemens Simatic Rf68xr FirmwareSiemens Simatic Rf615r FirmwareHaxx CurlRedhat Enterprise Linux Server 5.0Redhat Enterprise Linux Server Aus 6.2Redhat Enterprise Linux Workstation 5.0Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Workstation 6.0Redhat Enterprise Linux Desktop 5.0Redhat Enterprise Linux Eus 6.2Debian Debian Linux 5.0Debian Debian Linux 6.0Canonical Ubuntu Linux 10.10Canonical Ubuntu Linux 11.04Canonical Ubuntu Linux 11.10Canonical Ubuntu Linux 10.04
NA
CVE-2009-2472
Mozilla Firefox prior to 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote malicious users to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross...
Mozilla FirefoxFedoraproject Fedora 10Suse Linux Enterprise Debuginfo 10Suse Linux Enterprise Debuginfo 11Opensuse Opensuse 11.0Opensuse Opensuse 11.1Suse Linux Enterprise Desktop 10Suse Linux Enterprise Desktop 11Suse Linux Enterprise Server 10Suse Linux Enterprise Server 11
NA
CVE-2008-5021
nsFrameManager in Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a fi...
Mozilla FirefoxMozilla SeamonkeyMozilla ThunderbirdDebian Debian Linux 4.0Canonical Ubuntu Linux 6.06Canonical Ubuntu Linux 7.10Canonical Ubuntu Linux 8.04Canonical Ubuntu Linux 8.10Fedoraproject Fedora 9Fedoraproject Fedora 8Opensuse Opensuse 10.2Suse Linux Enterprise Server 9Novell Linux Desktop 9Opensuse Opensuse 11.0Opensuse Opensuse 10.3Suse Linux Enterprise Software Development Kit 10Suse Linux Enterprise Debuginfo 10Suse Linux Enterprise Server 10Suse Linux Enterprise Desktop 10Novell Open Enterprise Server -
NA
CVE-2005-1761
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
Novell Open Enterprise Server 9Novell Linux Desktop 9Suse Suse Linux 9.0Suse Suse Linux 9.3Suse Suse Linux 9.2Suse Suse Linux 8Suse Suse Linux 1.0Suse Suse Linux 9.1
NA
CVE-2004-0687
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm prior to 6.8.1 allow remote malicious users to execute arbitrary code via a malformed XPM image file.
Xfree86 Project X11r6 4.1.0Xfree86 Project X11r6 3.3.6Xfree86 Project X11r6 4.0.2.11Xfree86 Project X11r6 4.0.3X.org X11r6 6.7.0Xfree86 Project X11r6 4.3.0Xfree86 Project X11r6 4.2.1X.org X11r6 6.8Xfree86 Project X11r6 4.0Xfree86 Project X11r6 4.0.1Xfree86 Project X11r6 4.2.0Xfree86 Project X11r6 4.1.12Xfree86 Project X11r6 4.1.11Suse Suse Linux 9.0Suse Suse Linux 8.2Suse Suse Linux 8Suse Suse Linux 9.1Openbsd Openbsd 3.5Openbsd Openbsd 3.4Suse Suse Linux 8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook