Vulnerabilities (CVE)

Vendor filter

Canonical Subscribe

Product filter

Ubuntu Linux Subscribe

Filter

2168 total CVE
CVE Vendors Products Updated CVSS
CVE-2013-1799 2 Gnome, Canonical 2 Ubuntu Linux, Gnome Online Accounts 2013-04-02 4.3
Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91, does not properly validate SSL certificates when creating accounts for providers who use the libsoup library, which allows man-in-the-middle attackers to obtain sensitive...
CVE-2013-0240 2 Gnome, Canonical 2 Ubuntu Linux, Gnome Online Accounts 2013-04-02 4.3
Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.5, does not properly validate SSL certificates when creating accounts such as Windows Live and Facebook accounts, which allows man-in-the-middle attackers to obtain...
CVE-2013-1051 2 Debian, Canonical 2 Ubuntu Linux, Apt 2013-03-22 4.3
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of...
CVE-2012-5624 2 Digia, Canonical 2 Ubuntu Linux, Qt 2013-02-26 4.3
The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.
CVE-2012-0962 2 Canonical, Sebastian Heinlein 2 Ubuntu Linux, Aptdaemon 2012-12-27 4.3
Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack.
CVE-2012-2317 2 Debian, Canonical 4 Php5-common, Php5, Ubuntu Linux and 1 more 2012-08-08 4.3
The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in the php5 package before 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package before 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS, and the php5 package before 5.3.5-1ubuntu7.10...
CVE-2012-0950 1 Canonical 1 Ubuntu Linux 2012-06-26 5.0
The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by...
CVE-2006-3118 1 Canonical 1 Spread 2008-09-05 1.2
spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this...