Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu linux 8.10 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-5501
The layout engine in Mozilla Firefox 3.x prior to 3.0.5, Thunderbird 2.x prior to 2.0.0.19, and SeaMonkey 1.x prior to 1.1.14 allows remote malicious users to cause a denial of service via vectors that trigger an assertion failure.
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
7.2
CVSSv2
CVE-2009-3725
The connector layer in the Linux kernel prior to 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restrictions and gain privileges vi...
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 9.04
5
CVSSv2
CVE-2009-1191
mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote malicious users to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
Apache Http Server 2.2.11
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
4.9
CVSSv2
CVE-2009-3001
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and previous versions does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.
Linux Linux Kernel 2.6.31
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
1 EDB exploit
4.9
CVSSv2
CVE-2009-3002
The Linux kernel prior to 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in ...
Linux Linux Kernel 2.6.31
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
2 EDB exploits
7.8
CVSSv2
CVE-2008-4934
The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel prior to 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows malicious users to cause a denial of service (system crash) via a crafted...
Linux Linux Kernel
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
4.3
CVSSv2
CVE-2008-5019
The session restore feature in Mozilla Firefox 3.x prior to 3.0.4 and 2.x prior to 2.0.0.18 allows remote malicious users to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.
Mozilla Firefox
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
7.5
CVSSv2
CVE-2009-0586
Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) prior to 0.10.23 in GStreamer allows context-dependent malicious users to execute arbitrary code via a crafted COVERART tag...
Gstreamer Project Gstreamer
Canonical Ubuntu Linux 8.10
6.4
CVSSv2
CVE-2009-1956
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util prior to 1.3.5 on big-endian platforms allows remote malicious users to obtain sensitive information or cause a denial of service (application crash) via crafted input.
Apache Apr-util
Apache Http Server
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
7.5
CVSSv2
CVE-2008-5023
Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.
Mozilla Firefox
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »