Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse suse linux enterprise software development kit 11 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2324
Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd prior to 1.4.35 allow remote malicious users to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.
Lighttpd Lighttpd
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise High Availability Extension 11
Suse Linux Enterprise Software Development Kit 11
Contec Sv-cpt-mc310 Firmware
2 Github repositories
9.8
CVSSv3
CVE-2014-2323
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd prior to 1.4.35 allows remote malicious users to execute arbitrary SQL commands via the host name, related to request_check_hostname.
Lighttpd Lighttpd
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise High Availability Extension 11
Suse Linux Enterprise Software Development Kit 11
1 Github repository
NA
CVE-2014-1480
The file-download implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 does not properly restrict the timing of button selections, which allows remote malicious users to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, vi...
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Oracle Solaris 11.3
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Mozilla Firefox
Mozilla Seamonkey
NA
CVE-2014-1483
Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 allow remote malicious users to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and do...
Oracle Solaris 11.3
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Mozilla Seamonkey
Mozilla Firefox
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 11.4
Opensuse Opensuse 13.1
NA
CVE-2014-1484
Mozilla Firefox prior to 27.0 on Android 4.2 and previous versions creates system-log entries containing profile paths, which allows malicious users to obtain sensitive information via a crafted application.
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Mozilla Firefox 0.4
Mozilla Firefox 0.5
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.6
Mozilla Firefox 1.5.7
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Firefox 3.0.18
Mozilla Firefox 3.0
NA
CVE-2014-1485
The Content Security Policy (CSP) implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote malicious users to execute arbitrary XSLT code b...
Mozilla Seamonkey
Mozilla Firefox
Oracle Solaris 11.3
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 11.4
Opensuse Opensuse 13.1
NA
CVE-2014-1488
The Web workers implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 allows remote malicious users to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with...
Mozilla Seamonkey
Mozilla Firefox
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Oracle Solaris 11.3
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 13.1
NA
CVE-2014-1489
Mozilla Firefox prior to 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote malicious users to cause a denial of service (session restore) via a crafted web site.
Oracle Solaris 11.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Mozilla Firefox 0.4
Mozilla Firefox 0.5
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.7
Mozilla Firefox
Mozilla Firefox 0.1
Mozilla Firefox 0.6
Mozilla Firefox 0.6.1
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.7
NA
CVE-2013-6672
Mozilla Firefox prior to 26.0 and SeaMonkey prior to 2.23 on Linux allow user-assisted remote malicious users to read clipboard data by leveraging certain middle-click paste operations.
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Oracle Solaris 11.3
Fedoraproject Fedora 19
Fedoraproject Fedora 20
5.9
CVSSv3
CVE-2013-6673
Mozilla Firefox prior to 26.0, Firefox ESR 24.x prior to 24.2, Thunderbird prior to 24.2, and SeaMonkey prior to 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle malicious users to spoof SSL servers in ...
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »