Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2014/07/29 2:55 p.m.335 views

CVE-2014-5031

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.

5CVSS7.1AI score0.01618EPSS
CVE
CVE
added 2018/09/23 9:29 p.m.335 views

CVE-2018-17407

An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.

7.8CVSS7.8AI score0.01357EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.335 views

CVE-2019-13750

Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.

6.5CVSS6.3AI score0.00286EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.335 views

CVE-2019-15214

An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.

6.9CVSS7.1AI score0.00102EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.335 views

CVE-2019-18809

A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.

4.9CVSS6AI score0.00091EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.335 views

CVE-2019-2757

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise My...

4.9CVSS4.8AI score0.00754EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.335 views

CVE-2019-2964

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multi...

4.3CVSS3.9AI score0.00256EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.335 views

CVE-2019-3003

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

4.9CVSS4.8AI score0.00419EPSS
CVE
CVE
added 2019/02/08 11:29 a.m.335 views

CVE-2019-7638

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.

8.8CVSS8.7AI score0.0338EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.335 views

CVE-2020-12771

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

5.5CVSS5.9AI score0.00063EPSS
CVE
CVE
added 2021/06/04 2:15 a.m.335 views

CVE-2021-3491

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was...

8.8CVSS8.2AI score0.0001EPSS
CVE
CVE
added 2018/06/26 2:29 p.m.334 views

CVE-2018-1000204

Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599a...

6.3CVSS6AI score0.0021EPSS
Web
CVE
CVE
added 2018/06/21 8:29 p.m.334 views

CVE-2018-3665

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

5.6CVSS6AI score0.01319EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.334 views

CVE-2019-18678

An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlle...

5.3CVSS6.8AI score0.06405EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.334 views

CVE-2019-2988

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

4.3CVSS4AI score0.00241EPSS
CVE
CVE
added 2019/03/25 7:29 p.m.334 views

CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

6.5CVSS6.7AI score0.00061EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.334 views

CVE-2020-14578

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...

4.3CVSS4.3AI score0.0011EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.334 views

CVE-2020-2901

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful att...

4.9CVSS4.8AI score0.00448EPSS
CVE
CVE
added 2020/03/25 10:15 p.m.334 views

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execu...

8.8CVSS9.1AI score0.01497EPSS
CVE
CVE
added 2018/04/24 6:29 a.m.333 views

CVE-2018-10323

The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.

5.5CVSS6.5AI score0.00084EPSS
CVE
CVE
added 2018/03/16 4:29 p.m.333 views

CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

7.2CVSS6.3AI score0.00053EPSS
CVE
CVE
added 2018/07/17 5:29 p.m.333 views

CVE-2018-14355

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.

5.3CVSS6.9AI score0.00451EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.333 views

CVE-2020-2659

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols...

4.3CVSS4.3AI score0.00192EPSS
CVE
CVE
added 2016/01/31 6:59 p.m.332 views

CVE-2016-1947

Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.

4.7CVSS6.6AI score0.00597EPSS
CVE
CVE
added 2018/06/20 1:29 p.m.332 views

CVE-2018-1120

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call ...

5.3CVSS6.3AI score0.00986EPSS
CVE
CVE
added 2019/07/05 1:15 a.m.332 views

CVE-2019-13297

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.

8.8CVSS8.5AI score0.00355EPSS
CVE
CVE
added 2020/01/03 1:15 a.m.332 views

CVE-2020-5312

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.

9.8CVSS9.4AI score0.0229EPSS
CVE
CVE
added 2020/08/21 9:15 p.m.332 views

CVE-2020-8620

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

7.5CVSS7.3AI score0.0682EPSS
CVE
CVE
added 2017/10/14 11:29 p.m.331 views

CVE-2017-12629

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...

9.8CVSS9.6AI score0.93891EPSS
Web
CVE
CVE
added 2018/02/23 11:29 p.m.331 views

CVE-2018-1305

Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that po...

6.5CVSS6.3AI score0.17655EPSS
CVE
CVE
added 2019/11/07 6:15 a.m.331 views

CVE-2019-18804

DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.

7.5CVSS7.2AI score0.02507EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.331 views

CVE-2019-19056

A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932.

4.7CVSS6.4AI score0.00089EPSS
CVE
CVE
added 2020/05/22 7:15 p.m.331 views

CVE-2020-12397

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird

4.3CVSS6AI score0.00184EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.331 views

CVE-2020-14575

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

4.9CVSS4.9AI score0.00562EPSS
CVE
CVE
added 2022/03/29 3:15 p.m.331 views

CVE-2022-1055

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

8.6CVSS7.7AI score0.00026EPSS
CVE
CVE
added 2019/01/11 7:29 p.m.330 views

CVE-2018-16866

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.

4.3CVSS5.3AI score0.0011EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.330 views

CVE-2018-3278

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c...

4.9CVSS5AI score0.00159EPSS
CVE
CVE
added 2019/11/27 11:15 p.m.330 views

CVE-2019-18660

The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.

4.7CVSS6.5AI score0.00043EPSS
CVE
CVE
added 2020/05/27 3:15 p.m.330 views

CVE-2020-13631

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.

5.5CVSS6.7AI score0.00111EPSS
CVE
CVE
added 2018/08/09 9:29 p.m.329 views

CVE-2018-10925

It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memo...

8.1CVSS7.7AI score0.00431EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.329 views

CVE-2018-3144

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compr...

5.9CVSS5.5AI score0.00601EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.329 views

CVE-2019-2948

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL S...

4.9CVSS4.8AI score0.00419EPSS
CVE
CVE
added 2016/06/27 10:59 a.m.328 views

CVE-2016-1583

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

7.8CVSS7.4AI score0.00297EPSS
CVE
CVE
added 2019/04/09 3:29 a.m.328 views

CVE-2019-0816

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.

5.1CVSS4.9AI score0.001EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.328 views

CVE-2019-19052

A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.

7.8CVSS7.5AI score0.01952EPSS
CVE
CVE
added 2019/04/11 4:29 p.m.328 views

CVE-2019-3459

A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.

6.5CVSS6.8AI score0.00419EPSS
CVE
CVE
added 2020/04/13 7:15 p.m.328 views

CVE-2020-1730

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...

5.3CVSS5.2AI score0.00087EPSS
CVE
CVE
added 2020/02/14 5:15 a.m.328 views

CVE-2020-8992

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

5.5CVSS5.5AI score0.00068EPSS
CVE
CVE
added 2016/04/27 5:59 p.m.327 views

CVE-2016-3672

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a set...

7.8CVSS6.6AI score0.00021EPSS
Web
CVE
CVE
added 2018/09/18 5:29 p.m.327 views

CVE-2018-1000802

Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary fil...

9.8CVSS9.8AI score0.20083EPSS
Total number of security vulnerabilities4105