Export limit exceeded: 359807 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359807 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4205 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1653 | 3 Canonical, Puppet, Puppetlabs | 4 Ubuntu Linux, Puppet, Puppet Enterprise and 1 more | 2025-04-11 | N/A |
| Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via a crafted HTTP request. | ||||
| CVE-2012-3990 | 5 Canonical, Debian, Mozilla and 2 more | 14 Ubuntu Linux, Debian Linux, Firefox and 11 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function. | ||||
| CVE-2012-3986 | 5 Canonical, Debian, Mozilla and 2 more | 14 Ubuntu Linux, Debian Linux, Firefox and 11 more | 2025-04-11 | N/A |
| Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code. | ||||
| CVE-2012-3985 | 3 Canonical, Mozilla, Suse | 6 Ubuntu Linux, Firefox, Seamonkey and 3 more | 2025-04-11 | N/A |
| Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set. | ||||
| CVE-2012-3984 | 3 Canonical, Mozilla, Suse | 6 Ubuntu Linux, Firefox, Seamonkey and 3 more | 2025-04-11 | N/A |
| Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling. | ||||
| CVE-2012-3983 | 3 Canonical, Mozilla, Suse | 6 Ubuntu Linux, Firefox, Seamonkey and 3 more | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2012-3982 | 5 Canonical, Debian, Mozilla and 2 more | 14 Ubuntu Linux, Debian Linux, Firefox and 11 more | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2012-3976 | 5 Canonical, Mozilla, Opensuse and 2 more | 13 Ubuntu Linux, Firefox, Seamonkey and 10 more | 2025-04-11 | N/A |
| Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page. | ||||
| CVE-2012-3968 | 5 Canonical, Mozilla, Opensuse and 2 more | 15 Ubuntu Linux, Firefox, Seamonkey and 12 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor. | ||||
| CVE-2012-3972 | 6 Canonical, Debian, Mozilla and 3 more | 16 Ubuntu Linux, Debian Linux, Firefox and 13 more | 2025-04-11 | N/A |
| The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read. | ||||
| CVE-2011-3377 | 3 Canonical, Opensuse, Redhat | 4 Ubuntu Linux, Opensuse, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain. | ||||
| CVE-2012-3967 | 6 Canonical, Linux, Mozilla and 3 more | 15 Ubuntu Linux, Linux Kernel, Firefox and 12 more | 2025-04-11 | N/A |
| The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site. | ||||
| CVE-2012-3963 | 5 Canonical, Mozilla, Opensuse and 2 more | 15 Ubuntu Linux, Firefox, Seamonkey and 12 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2012-3961 | 5 Canonical, Mozilla, Opensuse and 2 more | 15 Ubuntu Linux, Firefox, Seamonkey and 12 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||||
| CVE-2012-3960 | 5 Canonical, Mozilla, Opensuse and 2 more | 15 Ubuntu Linux, Firefox, Seamonkey and 12 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||||
| CVE-2012-0044 | 3 Canonical, Linux, Redhat | 5 Ubuntu Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-04-11 | 7.8 High |
| Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call. | ||||
| CVE-2012-3959 | 6 Canonical, Debian, Mozilla and 3 more | 16 Ubuntu Linux, Debian Linux, Firefox and 13 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||||
| CVE-2012-5836 | 4 Canonical, Mozilla, Opensuse and 1 more | 8 Ubuntu Linux, Firefox, Seamonkey and 5 more | 2025-04-11 | N/A |
| Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text. | ||||
| CVE-2012-3957 | 5 Canonical, Mozilla, Opensuse and 2 more | 15 Ubuntu Linux, Firefox, Seamonkey and 12 more | 2025-04-11 | N/A |
| Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2012-3954 | 4 Canonical, Debian, Isc and 1 more | 4 Ubuntu Linux, Debian Linux, Dhcp and 1 more | 2025-04-11 | N/A |
| Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. | ||||