Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical ubuntu linux 14.10 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2015-0811
The QCMS implementation in Mozilla Firefox prior to 37.0 allows remote malicious users to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.
Mozilla Firefox
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
7.8
CVSSv2
CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching prior to 2.7.3 allows remote malicious users to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Gnu Patch
7.5
CVSSv2
CVE-2015-0804
The HTMLSourceElement::BindToTree function in Mozilla Firefox prior to 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote malicious users to execute arbitrary code or cause a denial of servi...
Mozilla Firefox
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
6.4
CVSSv2
CVE-2015-2304
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and previous versions allows remote malicious users to write to arbitrary files via a full pathname in an archive.
Libarchive Libarchive
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
5
CVSSv2
CVE-2015-0802
Mozilla Firefox prior to 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote malicious users to execute arbitrary JavaScript code with chrome privileges via certain content navigation that lever...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2015-0812
Mozilla Firefox prior to 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle malicious users to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack agai...
Mozilla Firefox 36.0.4
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
7.5
CVSSv2
CVE-2015-1317
Use-after-free vulnerability in Oxide prior to 1.5.6 and 1.6.x prior to 1.6.1 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code by deleting all WebContents while a RenderProcessHost instance still exists.
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Oxide Project Oxide 1.6.0
Oxide Project Oxide
4.3
CVSSv2
CVE-2014-0190
The GIF decoder in QtGui in Qt prior to 5.3 allows remote malicious users to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
Qt Qt
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
4.3
CVSSv2
CVE-2014-9092
libjpeg-turbo prior to 1.3.1 allows remote malicious users to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
7.5
CVSSv2
CVE-2015-3166
The snprintf implementation in PostgreSQL prior to 9.0.20, 9.1.x prior to 9.1.16, 9.2.x prior to 9.2.11, 9.3.x prior to 9.3.7, and 9.4.x prior to 9.4.2 does not properly handle system-call errors, which allows malicious users to obtain sensitive information or have other unspecif...
Postgresql Postgresql
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »