Canonical » Ubuntu Linux » 6.06 lts : Security Vulnerabilities, CVEs, (Gain Privilege)
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
Max CVSS
6.8
EPSS Score
1.42%
Published
2009-09-17
Updated
2024-02-13
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.
Max CVSS
7.5
EPSS Score
0.66%
Published
2008-11-13
Updated
2018-11-02
2 vulnerabilities found