Lucene search

K
CanonicalUbuntu Linux

4105 matches found

cve
cve
added 2016/06/07 2:6 p.m.384 views

CVE-2016-4450

os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.

7.5CVSS7AI score0.03144EPSS
cve
cve
added 2018/10/17 1:31 a.m.384 views

CVE-2018-3277

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS5AI score0.0019EPSS
cve
cve
added 2015/12/15 9:59 p.m.383 views

CVE-2015-5312

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.

7.1CVSS6.2AI score0.05353EPSS
cve
cve
added 2018/12/18 10:29 p.m.383 views

CVE-2018-16884

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption an...

8CVSS7.8AI score0.00089EPSS
cve
cve
added 2018/10/17 1:31 a.m.383 views

CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with netw...

5.3CVSS5.5AI score0.00124EPSS
cve
cve
added 2019/05/15 1:29 p.m.383 views

CVE-2019-11833

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.

5.5CVSS6.4AI score0.00025EPSS
cve
cve
added 2019/11/26 5:15 p.m.383 views

CVE-2019-18679

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information red...

7.5CVSS8.5AI score0.24267EPSS
cve
cve
added 2020/03/24 10:15 p.m.383 views

CVE-2020-10942

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.

5.4CVSS6.2AI score0.00051EPSS
cve
cve
added 2018/05/30 4:29 a.m.382 views

CVE-2018-11235

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because sub...

7.8CVSS8.1AI score0.64144EPSS
cve
cve
added 2019/01/11 8:29 p.m.382 views

CVE-2018-16864

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versi...

7.8CVSS6.2AI score0.0015EPSS
cve
cve
added 2018/11/14 3:29 p.m.382 views

CVE-2018-17466

Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8CVSS7.1AI score0.00881EPSS
cve
cve
added 2019/12/24 1:15 a.m.382 views

CVE-2019-19948

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.

9.8CVSS9.4AI score0.00644EPSS
cve
cve
added 2019/07/23 11:15 p.m.382 views

CVE-2019-2738

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protoc...

3.5CVSS3AI score0.0067EPSS
cve
cve
added 2019/07/23 11:15 p.m.382 views

CVE-2019-2745

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java...

5.1CVSS4.8AI score0.00063EPSS
cve
cve
added 2019/08/21 6:15 a.m.381 views

CVE-2019-15292

An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.

10CVSS6AI score0.00953EPSS
cve
cve
added 2019/03/11 11:29 a.m.381 views

CVE-2019-9675

An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issu...

8.1CVSS8.6AI score0.00708EPSS
cve
cve
added 2019/09/25 3:15 p.m.380 views

CVE-2019-13627

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.

6.3CVSS6.3AI score0.00037EPSS
cve
cve
added 2019/12/24 1:15 a.m.380 views

CVE-2019-19949

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.

9.1CVSS9.2AI score0.00289EPSS
cve
cve
added 2019/10/16 6:15 p.m.380 views

CVE-2019-2949

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos...

6.8CVSS6.4AI score0.00358EPSS
cve
cve
added 2020/09/09 2:15 p.m.380 views

CVE-2020-1968

The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted com...

4.3CVSS4.1AI score0.00681EPSS
cve
cve
added 2024/01/08 6:15 p.m.378 views

CVE-2022-2588

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.

7.8CVSS7.5AI score0.58693EPSS
cve
cve
added 2020/06/03 3:15 a.m.377 views

CVE-2019-20811

An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.

5.5CVSS5.8AI score0.00033EPSS
cve
cve
added 2020/07/06 6:15 p.m.377 views

CVE-2020-14303

A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.

7.5CVSS7.2AI score0.16342EPSS
cve
cve
added 2020/10/06 2:15 p.m.377 views

CVE-2020-25641

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue req...

5.5CVSS5.8AI score0.00055EPSS
cve
cve
added 2019/11/27 9:15 a.m.376 views

CVE-2019-14896

A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects...

10CVSS9.6AI score0.02579EPSS
cve
cve
added 2020/07/15 6:15 p.m.376 views

CVE-2020-14577

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to c...

4.3CVSS4.4AI score0.002EPSS
cve
cve
added 2020/01/15 5:15 p.m.376 views

CVE-2020-2572

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plugin). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ...

4CVSS3.2AI score0.00321EPSS
cve
cve
added 2020/05/09 9:15 p.m.375 views

CVE-2020-12767

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.

5.5CVSS6.6AI score0.00156EPSS
cve
cve
added 2020/01/15 5:15 p.m.375 views

CVE-2020-2589

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Succ...

4.9CVSS4.8AI score0.00362EPSS
cve
cve
added 2020/03/12 9:15 p.m.374 views

CVE-2020-0556

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access

7.1CVSS6.8AI score0.00169EPSS
cve
cve
added 2020/07/15 6:15 p.m.374 views

CVE-2020-14621

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple p...

5.3CVSS5.2AI score0.00313EPSS
cve
cve
added 2019/05/08 2:29 p.m.373 views

CVE-2019-11815

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

9.3CVSS7.5AI score0.01062EPSS
cve
cve
added 2019/08/19 10:15 p.m.373 views

CVE-2019-15217

An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.

4.9CVSS6.1AI score0.00065EPSS
cve
cve
added 2019/11/30 1:15 a.m.373 views

CVE-2019-19462

relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

5.5CVSS5.5AI score0.00101EPSS
cve
cve
added 2020/01/02 2:16 p.m.373 views

CVE-2019-20218

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.

7.5CVSS7.6AI score0.00802EPSS
cve
cve
added 2020/01/21 6:15 p.m.372 views

CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

5.5CVSS5.9AI score0.01426EPSS
cve
cve
added 2008/01/10 11:46 p.m.371 views

CVE-2008-0226

Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.

7.5CVSS7.5AI score0.90142EPSS
Web
cve
cve
added 2020/04/15 2:15 p.m.371 views

CVE-2020-2765

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL S...

4.9CVSS4.8AI score0.00097EPSS
cve
cve
added 2018/06/13 11:29 p.m.369 views

CVE-2018-0495

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP....

4.7CVSS5.5AI score0.00313EPSS
cve
cve
added 2018/10/26 2:29 p.m.369 views

CVE-2018-15688

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

8.8CVSS9AI score0.00829EPSS
cve
cve
added 2018/03/27 9:29 p.m.368 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.5AI score0.13832EPSS
cve
cve
added 2020/02/24 3:15 p.m.368 views

CVE-2020-8130

There is an OS command injection vulnerability in Ruby Rake

6.9CVSS6.6AI score0.00096EPSS
cve
cve
added 2017/10/17 1:29 p.m.367 views

CVE-2017-13079

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3CVSS6.6AI score0.00387EPSS
cve
cve
added 2017/11/20 3:29 p.m.367 views

CVE-2017-16544

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code executi...

8.8CVSS8.4AI score0.01248EPSS
cve
cve
added 2019/03/06 3:29 p.m.367 views

CVE-2019-3824

A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.

6.5CVSS5.5AI score0.08815EPSS
cve
cve
added 2020/07/15 6:15 p.m.367 views

CVE-2020-14581

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocol...

4.3CVSS4AI score0.00261EPSS
cve
cve
added 2017/10/17 1:29 p.m.366 views

CVE-2017-13081

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3CVSS6.7AI score0.00346EPSS
cve
cve
added 2015/03/16 10:59 a.m.365 views

CVE-2015-1421

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper ...

10CVSS5.9AI score0.25935EPSS
cve
cve
added 2019/07/23 11:15 p.m.365 views

CVE-2019-2797

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached ...

4.2CVSS4.1AI score0.00172EPSS
cve
cve
added 2018/08/08 7:29 p.m.364 views

CVE-2018-14526

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive informa...

6.5CVSS5.7AI score0.00648EPSS
Total number of security vulnerabilities4105