76 matches found
UBUNTU-CVE-2017-5125
Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2017-17456
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-14245. Reason: This candidate is a duplicate of CVE-2017-14245. Notes: All CVE users should reference CVE-2017-14245 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
UBUNTU-CVE-2017-15931
In radare2 2.0.1, an integer exception negative number leading to an invalid memory access exists in storeversioninfognuverneed in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems...
UBUNTU-CVE-2017-10806
Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...
UBUNTU-CVE-2017-8855
wolfSSL before 3.11.0 does not prevent wcDhAgree from accepting a malformed DH key...
UBUNTU-CVE-2016-10069
coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service application crash via a mat file with an invalid number of frames...
UBUNTU-CVE-2017-2991
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec related to decompression. Successful exploitation could lead to arbitrary code execution...
UBUNTU-CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
UBUNTU-CVE-2016-9243
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digestsize...
UBUNTU-CVE-2016-2848
ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record...
UBUNTU-CVE-2016-6185
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory...
UBUNTU-CVE-2016-2368
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potentially resulting in code execution or memory disclosure...
UBUNTU-CVE-2015-5802
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and...
UBUNTU-CVE-2015-3026
Icecast before 2.4.2, when a streamauth handler is defined for URL authentication, allows remote attackers to cause a denial of service NULL pointer dereference and crash via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg."...
UBUNTU-CVE-2014-8150
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL...
UBUNTU-CVE-2013-2838
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...