Search Results (Refine Search)
- CPE Product Version: cpe:/o:canonical:ubuntu_linux:13.10
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-3144 |
The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced. Published: May 11, 2014; 5:55:06 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2014-0056 |
The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command. Published: May 08, 2014; 10:29:12 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2013-4544 |
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information. Published: May 08, 2014; 10:29:11 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2014-0196 |
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. Published: May 07, 2014; 6:55:04 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2013-7374 |
The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13.10.x before 13.10.0+13.10.20131023.2-0ubuntu1.1 does not properly restrict access to Evolution, which allows local users to bypass the greeter screen restrictions by clicking the date. Published: May 01, 2014; 1:28:36 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2014-0471 |
Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting." Published: April 30, 2014; 10:22:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-1532 |
Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution. Published: April 30, 2014; 6:49:05 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2014-1531 |
Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation. Published: April 30, 2014; 6:49:05 AM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2014-1530 |
The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation. Published: April 30, 2014; 6:49:05 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2014-1529 |
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2014-1528 |
The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2014-1526 |
The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2014-1525 |
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2014-1524 |
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2014-1523 |
Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2014-1522 |
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2014-1519 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2014-1518 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Published: April 30, 2014; 6:49:04 AM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2014-0474 |
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting." Published: April 23, 2014; 11:55:03 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2014-0473 |
The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 reuses a cached CSRF token for all anonymous users, which allows remote attackers to bypass CSRF protections by reading the CSRF cookie for anonymous users. Published: April 23, 2014; 11:55:03 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |