Lucene search

K
CanonicalUbuntu Linux10.04

509 matches found

CVE
CVE
added 2010/09/07 6:0 p.m.49 views

CVE-2010-3259

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sens...

4.3CVSS7.8AI score0.00823EPSS
CVE
CVE
added 2013/11/23 11:55 a.m.49 views

CVE-2010-3443

ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message.

5CVSS6.6AI score0.0119EPSS
CVE
CVE
added 2010/09/09 10:0 p.m.48 views

CVE-2010-1781

Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.

6.8CVSS9AI score0.09516EPSS
CVE
CVE
added 2014/04/27 8:55 p.m.48 views

CVE-2011-3152

DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarba...

6.4CVSS6.6AI score0.00439EPSS
CVE
CVE
added 2010/08/24 8:0 p.m.47 views

CVE-2010-3114

The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSepa...

10CVSS8.6AI score0.00625EPSS
CVE
CVE
added 2012/11/04 10:55 p.m.47 views

CVE-2012-5821

Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.

5.9CVSS5.3AI score0.00237EPSS
CVE
CVE
added 2010/08/24 8:0 p.m.45 views

CVE-2010-3115

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.

5CVSS8.7AI score0.01527EPSS
CVE
CVE
added 2011/06/02 7:55 p.m.44 views

CVE-2011-0730

Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by modifying a request, related to an "XML Signatur...

6.5CVSS7.2AI score0.00467EPSS
CVE
CVE
added 2014/05/22 11:55 p.m.35 views

CVE-2012-6648

gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT from CVE-2012-0943 per ADT1/ADT2 due to different codebase...

2.1CVSS6.2AI score0.00264EPSS
Total number of security vulnerabilities509