118 matches found
EUVD-2015-1469
Malware in sbrugna...
CVE-2015-3643
usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call checkpolkit for the KVMTest method...
Design/Logic Flaw
Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15.04 and 14.04 LTS might allow remote attackers to execute arbitrary code...
CVE-2015-1329
The CVE-2015-1329 issue affects oxide-qt (Ubuntu 15.04 and 14.04 LTS). The root cause is a use-after-free in oxide::qt::URLRequestDelegatedJob, which may allow remote code execution in the context of the affected browser engine. Impact is remote code execution with the user’s privileges and high ...
Race condition
Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files...
CVE-2015-1324
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root...
CVE-2015-1324
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root...
CVE-2015-1325
Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files...
CVE-2015-1332
The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service application crash or execute arbitrary code via a crafted website...
CVE-2015-1332
The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service application crash or execute arbitrary code via a crafted website...
CVE-2015-1332
CVE-2015-1332 describes a heap corruption in oxide::JavaScriptDialogManager within oxide-qt. Affected: Ubuntu 15.04 and 14.04 packaged oxide-qt core library. Impact per advisories: denial of service via renderer crash and potential arbitrary code execution when visiting a crafted website. Remedia...
CVE-2015-1323
The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to...
CVE-2015-1323
CVE-2015-1323 affects aptdaemon's simulate dbus method, enabling a local attacker to obtain sensitive information or access files with root permissions. Ubuntu packages were affected across multiple releases (12.04 LTS through 15.04) prior to fixed versions (e.g., 1.1.1+bzr982-0ubuntu32.1 and rel...
Ubuntu click privilege acquisition vulnerability
Ubuntu is a desktop-oriented GNU/Linux operating system developed by Canonical and the Ubuntu Foundation.Ubuntu LTS is a long-supported version of Ubuntu. click is one of the filesystems in which third-party applications are installed in a simplified packaging format. A security vulnerability...
Ubuntu: Security Advisory (USN-2882-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2879-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2879-1: rsync vulnerability
It was discovered that rsync incorrectly handled invalid filenames. A malicious server could use this issue to write files outside of the intended destination directory...
USN-2871-1: Linux kernel vulnerability
Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...
Ubuntu: Security Advisory (USN-2865-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2866-1: Firefox vulnerability
Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information...