PYSEC-2026-135

In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs...

CVE-2025-14551

In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs...

CVE-2023-0189

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering...

CVE-2020-24977

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e...

CVE-2011-2683

reseed seeds random numbers from an insecure HTTP request to random.org during installation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a man-in-the-middle attack...

CVE-2016-4558

The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted application on 1 a system with more than 32 Gb of memory, related to the program reference...

CVE-2016-3713

The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...

CVE-2016-2187

The gtcoprobe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash via a crafted endpoints value in a USB device descriptor...

CVE-2016-2543

The sndseqioctlremoveevents function in sound/core/seq/seqclientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted ioctl call...

CVE-2015-4001

Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted packet...

CVE-2015-2153

The rpkirtrpduprint function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service out-of-bounds read or write and crash via a crafted header length in an RPKI-RTR Protocol Data Unit PDU...

CVE-2014-8134

The paravirtopssetup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirtenabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value...

CVE-2014-7231

The strutils.maskpassword function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log...

CVE-2013-4739

The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to obtain sensitive information from kernel stack memory via 1 a crafted MSMMCRIOCTLEVTGET ioctl call, related to...

CVE-2013-0768

Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies...

CVE-2011-1020

The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lsee...

CVE-2008-0073

Array index error in the sdpplinparse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter...

CVE-2008-0485

Array index error in libmpdemux/demuxmov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag...