CVEs (1,928)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
6Canonical FedoraprojectMozilla+3 more16Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+13 moreApr 29, 2026 Dec 11, 2013 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use...Show more |
6Canonical FedoraprojectMozilla+3 more16Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+13 moreApr 29, 2026 Dec 11, 2013 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and...Show more |
6Canonical FedoraprojectMozilla+3 more16Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+13 moreApr 29, 2026 Dec 11, 2013 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attac...Show more |
7Canonical FedoraprojectMozilla+4 more16Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+13 moreApr 29, 2026 Dec 11, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended...Show more |
6Canonical FedoraprojectMozilla+3 more16Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+13 moreApr 29, 2026 Dec 11, 2013 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to e...Show more |
7Canonical FedoraprojectMozilla+4 more16Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+13 moreApr 29, 2026 Dec 11, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation t...Show more |
6Canonical FedoraprojectMozilla+3 more16Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+13 moreApr 29, 2026 Dec 11, 2013 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of serv...Show more |
2Oracle Redhat8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 moreApr 29, 2026 Oct 16, 2013 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confi...Show more |
3Canonical OracleRedhat8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 moreApr 29, 2026 Oct 16, 2013 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and...Show more |
3Canonical OracleRedhat9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 moreApr 29, 2026 Oct 16, 2013 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows r...Show more |
3Canonical OracleRedhat8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 moreApr 29, 2026 Oct 16, 2013 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and...Show more |
5Canonical DebianMariadb+2 more7Debian Linux Enterprise Linux DesktopEnterprise Linux Server+4 moreApr 29, 2026 Oct 16, 2013 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication. |
5Canonical DebianMariadb+2 more7Debian Linux Enterprise Linux DesktopEnterprise Linux Server+4 moreApr 29, 2026 Oct 16, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related...Show more |
4Canonical OpensuseQemu+1 more7Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+4 moreApr 29, 2026 Oct 4, 2013 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. |
4Apache CanonicalOpensuse+1 more9Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+6 moreApr 29, 2026 Jul 10, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which...Show more |
6Canonical DebianMozilla+3 more15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 moreApr 22, 2026 Jun 26, 2013 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which al...Show more |
5Apache CanonicalOpensuse+2 more10Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+7 moreApr 29, 2026 Jun 10, 2013 N/A· v4 N/A· v3 5.1 MEDIUM· v2 mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary command...Show more |
6Canonical DebianFedoraproject+3 more10Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+7 moreApr 29, 2026 May 29, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and ba...Show more |
1Redhat 9Enterprise Linux Enterprise Linux DesktopEnterprise Linux Eus+6 moreApr 29, 2026 May 21, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-th...Show more |
4Adobe OpensuseRedhat+1 more10Adobe Air Adobe Air SdkEnterprise Linux Desktop+7 moreApr 29, 2026 May 16, 2013 N/A· v4 N/A· v3 10.0 HIGH· v2 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on A...Show more |