Lucene search

K
CanonicalUbuntu Linux

562 matches found

CVE
CVE
added 2020/05/07 8:15 p.m.156 views

CVE-2020-11048

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0.

3.5CVSS5.4AI score0.00108EPSS
CVE
CVE
added 2020/05/07 7:15 p.m.153 views

CVE-2020-11042

In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the client or store information for later retrieval. Th...

5.9CVSS6.3AI score0.00111EPSS
CVE
CVE
added 2020/06/03 2:15 p.m.153 views

CVE-2020-13254

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.

5.9CVSS5.9AI score0.10756EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.153 views

CVE-2020-16298

A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.9AI score0.01448EPSS
CVE
CVE
added 2020/01/21 9:15 p.m.153 views

CVE-2020-7040

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fil...

9.3CVSS7.8AI score0.05455EPSS
CVE
CVE
added 2020/02/19 7:15 p.m.151 views

CVE-2020-6062

An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability.

7.5CVSS8.2AI score0.07529EPSS
CVE
CVE
added 2020/05/07 8:15 p.m.150 views

CVE-2020-11047

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2...

5.9CVSS6.2AI score0.00078EPSS
CVE
CVE
added 2020/11/06 2:15 a.m.150 views

CVE-2020-15708

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.

9.3CVSS8.6AI score0.00133EPSS
CVE
CVE
added 2020/06/08 5:15 p.m.149 views

CVE-2020-13696

An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to ...

4.4CVSS4.4AI score0.00053EPSS
CVE
CVE
added 2020/05/07 7:15 p.m.147 views

CVE-2020-11046

In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.

5.5CVSS5.4AI score0.00108EPSS
CVE
CVE
added 2020/05/07 7:15 p.m.144 views

CVE-2020-11045

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer. The result displayed on screen as colour.

4.9CVSS5.4AI score0.00146EPSS
CVE
CVE
added 2020/05/15 4:15 a.m.144 views

CVE-2020-11931

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue af...

3.3CVSS3.8AI score0.00047EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.144 views

CVE-2020-16297

A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS6.1AI score0.00453EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.144 views

CVE-2020-16304

A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.

5.5CVSS6.4AI score0.00401EPSS
CVE
CVE
added 2020/02/25 5:15 p.m.144 views

CVE-2020-8793

OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.

4.7CVSS4.7AI score0.00811EPSS
CVE
CVE
added 2020/09/30 7:15 p.m.142 views

CVE-2020-14378

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the move_desc function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause move_desc to get stuck in a 4,294,967,295-count iteration loop. Depending on how vhost_crypto is ...

3.3CVSS5.7AI score0.00084EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.142 views

CVE-2020-16293

A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.6AI score0.00987EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.141 views

CVE-2020-16307

A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.

5.5CVSS5.7AI score0.01336EPSS
CVE
CVE
added 2020/01/13 7:15 p.m.141 views

CVE-2020-5390

PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verif...

7.5CVSS7.3AI score0.00665EPSS
CVE
CVE
added 2020/05/12 9:15 p.m.140 views

CVE-2020-11058

In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0.

3.5CVSS5.4AI score0.00108EPSS
CVE
CVE
added 2020/09/30 7:15 p.m.140 views

CVE-2020-14375

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated...

7.8CVSS7.7AI score0.00061EPSS
CVE
CVE
added 2020/09/30 7:15 p.m.140 views

CVE-2020-14377

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability can be used by an attac...

7.1CVSS7.4AI score0.00081EPSS
CVE
CVE
added 2020/09/30 8:15 p.m.139 views

CVE-2020-14374

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulne...

8.8CVSS8.6AI score0.00187EPSS
CVE
CVE
added 2020/06/02 7:15 p.m.138 views

CVE-2020-7663

websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other charac...

7.5CVSS7.2AI score0.00725EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.137 views

CVE-2020-16287

A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.9AI score0.01448EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.137 views

CVE-2020-16303

A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.

7.8CVSS7.3AI score0.00962EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.137 views

CVE-2020-17538

A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS6.1AI score0.00693EPSS
CVE
CVE
added 2020/09/01 1:15 p.m.136 views

CVE-2020-24584

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.

7.5CVSS7.3AI score0.01356EPSS
CVE
CVE
added 2020/09/30 7:15 p.m.135 views

CVE-2020-14376

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

7.8CVSS7.9AI score0.00094EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.135 views

CVE-2020-16289

A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.9AI score0.01448EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.135 views

CVE-2020-16310

A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.7AI score0.00621EPSS
CVE
CVE
added 2020/09/01 1:15 p.m.135 views

CVE-2020-24583

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level ...

7.5CVSS7.3AI score0.02402EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.134 views

CVE-2020-16294

A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.9AI score0.00757EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.134 views

CVE-2020-16301

A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.9AI score0.00683EPSS
CVE
CVE
added 2020/06/03 2:15 p.m.133 views

CVE-2020-13596

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.

6.1CVSS5.9AI score0.01231EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.133 views

CVE-2020-16309

A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51.

5.5CVSS5.9AI score0.01954EPSS
CVE
CVE
added 2020/07/17 4:15 p.m.132 views

CVE-2020-14001

The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="string://

9.8CVSS9.3AI score0.03629EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.132 views

CVE-2020-16295

A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.7AI score0.00621EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.130 views

CVE-2020-16291

A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS6.1AI score0.01001EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.130 views

CVE-2020-16302

A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.

5.5CVSS6.2AI score0.00809EPSS
CVE
CVE
added 2020/06/06 7:15 p.m.129 views

CVE-2020-13881

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.

7.5CVSS7.4AI score0.00867EPSS
CVE
CVE
added 2020/01/08 10:15 p.m.128 views

CVE-2019-17025

Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox

8.8CVSS8.9AI score0.00573EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.128 views

CVE-2020-16308

A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.9AI score0.01448EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.127 views

CVE-2020-16306

A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.

5.5CVSS5.7AI score0.01336EPSS
CVE
CVE
added 2020/04/22 1:15 p.m.126 views

CVE-2020-12059

An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception.

7.5CVSS7.3AI score0.00274EPSS
CVE
CVE
added 2020/04/28 12:15 a.m.125 views

CVE-2019-15790

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit this to read information about a privileged...

3.3CVSS5.3AI score0.00086EPSS
CVE
CVE
added 2020/05/07 7:15 p.m.125 views

CVE-2020-11044

In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0.

3.5CVSS5.5AI score0.00094EPSS
CVE
CVE
added 2020/04/22 5:15 p.m.125 views

CVE-2020-12066

CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server.

7.8CVSS7.3AI score0.04554EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.125 views

CVE-2020-16288

A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.9AI score0.01448EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.125 views

CVE-2020-16296

A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS6.1AI score0.00693EPSS
Total number of security vulnerabilities562