Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2020/06/09 5:15 a.m.317 views

CVE-2020-13974

An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.

7.8CVSS7.3AI score0.00077EPSS
CVE
CVE
added 2018/04/23 7:29 p.m.316 views

CVE-2018-8781

The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code...

7.8CVSS7.5AI score0.00101EPSS
CVE
CVE
added 2018/08/22 2:29 p.m.315 views

CVE-2018-1139

A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.

8.1CVSS7.6AI score0.01965EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.314 views

CVE-2018-3136

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mult...

3.4CVSS4.7AI score0.00134EPSS
CVE
CVE
added 2019/08/17 6:15 p.m.314 views

CVE-2019-15133

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.

6.5CVSS6.4AI score0.00151EPSS
CVE
CVE
added 2017/10/03 1:29 a.m.313 views

CVE-2017-14494

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

5.9CVSS7.3AI score0.15405EPSS
CVE
CVE
added 2018/05/23 2:29 p.m.313 views

CVE-2018-1122

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.

7.3CVSS7.4AI score0.00324EPSS
CVE
CVE
added 2019/01/09 4:29 p.m.313 views

CVE-2018-20679

An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option()...

7.5CVSS7.9AI score0.11309EPSS
CVE
CVE
added 2019/09/11 4:15 p.m.313 views

CVE-2019-16231

drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

4.7CVSS6AI score0.00036EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.313 views

CVE-2019-2992

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

4.3CVSS4AI score0.00565EPSS
CVE
CVE
added 2020/04/17 1:15 p.m.313 views

CVE-2020-11793

A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).

8.8CVSS9AI score0.0079EPSS
CVE
CVE
added 2017/12/11 9:29 p.m.312 views

CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

7.4CVSS5.9AI score0.00458EPSS
CVE
CVE
added 2017/05/01 1:59 a.m.312 views

CVE-2017-6519

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information...

9.1CVSS8.8AI score0.0192EPSS
CVE
CVE
added 2018/10/31 7:29 p.m.312 views

CVE-2018-16842

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

9.1CVSS8.5AI score0.00126EPSS
CVE
CVE
added 2018/11/28 2:29 p.m.312 views

CVE-2018-16851

Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size ...

6.5CVSS6.3AI score0.12108EPSS
CVE
CVE
added 2019/07/05 1:15 a.m.312 views

CVE-2019-13295

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.

8.8CVSS8.5AI score0.00355EPSS
CVE
CVE
added 2020/04/06 1:15 a.m.312 views

CVE-2020-11565

An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability...

6CVSS6.3AI score0.00114EPSS
CVE
CVE
added 2020/08/05 2:15 p.m.312 views

CVE-2020-14347

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.

5.5CVSS6.3AI score0.0002EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.311 views

CVE-2019-19059

Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures...

4.7CVSS6.1AI score0.00104EPSS
CVE
CVE
added 2020/01/08 5:15 p.m.311 views

CVE-2019-20367

nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).

9.1CVSS8.9AI score0.02365EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.311 views

CVE-2020-2601

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerb...

6.8CVSS6.7AI score0.00478EPSS
CVE
CVE
added 2015/07/23 12:59 a.m.310 views

CVE-2015-1283

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a relate...

6.8CVSS8.4AI score0.05699EPSS
CVE
CVE
added 2019/07/05 1:15 a.m.310 views

CVE-2019-13301

ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.

6.5CVSS7.1AI score0.00181EPSS
CVE
CVE
added 2019/07/05 1:15 a.m.310 views

CVE-2019-13311

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.

6.5CVSS7.1AI score0.00175EPSS
CVE
CVE
added 2020/10/13 8:15 p.m.310 views

CVE-2020-25645

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The mai...

7.5CVSS7.1AI score0.00083EPSS
CVE
CVE
added 2022/02/21 10:15 p.m.310 views

CVE-2021-4115

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spa...

5.5CVSS5.5AI score0.00015EPSS
CVE
CVE
added 2022/07/04 9:15 p.m.310 views

CVE-2022-34918

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an ...

7.8CVSS7.5AI score0.40818EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.309 views

CVE-2018-3077

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Se...

4.9CVSS4.8AI score0.00474EPSS
CVE
CVE
added 2019/07/05 1:15 a.m.309 views

CVE-2019-13305

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.

7.8CVSS8.2AI score0.00195EPSS
CVE
CVE
added 2019/07/05 1:15 a.m.309 views

CVE-2019-13306

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.

7.8CVSS8.1AI score0.00149EPSS
CVE
CVE
added 2019/12/19 6:15 p.m.309 views

CVE-2019-19906

cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.

7.5CVSS7.5AI score0.00168EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.309 views

CVE-2019-20795

iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library ...

4.4CVSS4.8AI score0.00031EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.309 views

CVE-2019-2920

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 5.3.13 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL ...

5.3CVSS4.5AI score0.02738EPSS
CVE
CVE
added 2019/07/05 1:15 a.m.308 views

CVE-2019-13310

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.

6.5CVSS7.1AI score0.00089EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.308 views

CVE-2020-2593

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mu...

5.8CVSS4.9AI score0.00398EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.307 views

CVE-2016-3137

drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port...

4.9CVSS5.3AI score0.00021EPSS
CVE
CVE
added 2019/04/29 3:29 p.m.306 views

CVE-2019-11596

In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.

7.5CVSS7.2AI score0.01308EPSS
CVE
CVE
added 2019/09/24 8:15 p.m.306 views

CVE-2019-12068

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop i...

3.8CVSS5.2AI score0.00109EPSS
CVE
CVE
added 2019/08/16 2:15 p.m.306 views

CVE-2019-15118

check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

5.5CVSS6.5AI score0.00136EPSS
CVE
CVE
added 2020/05/27 3:15 p.m.306 views

CVE-2020-13630

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

7CVSS7.5AI score0.00177EPSS
CVE
CVE
added 2018/11/16 8:29 p.m.305 views

CVE-2018-18955

In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resou...

7CVSS6.8AI score0.1106EPSS
CVE
CVE
added 2019/07/05 1:15 a.m.305 views

CVE-2019-13307

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.

7.8CVSS8.1AI score0.00149EPSS
CVE
CVE
added 2020/09/02 5:15 p.m.305 views

CVE-2020-15810

An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the p...

6.5CVSS6.8AI score0.00075EPSS
CVE
CVE
added 2016/07/23 7:59 p.m.304 views

CVE-2016-5131

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

8.8CVSS7.8AI score0.04195EPSS
CVE
CVE
added 2018/07/19 1:29 p.m.304 views

CVE-2018-14404

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vuln...

7.5CVSS6.3AI score0.2363EPSS
CVE
CVE
added 2020/01/03 10:15 p.m.304 views

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.

7.5CVSS8.2AI score0.01346EPSS
CVE
CVE
added 2019/02/21 5:29 a.m.304 views

CVE-2019-8980

A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.

7.8CVSS7AI score0.0173EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.304 views

CVE-2020-12768

An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will

5.5CVSS5.7AI score0.00062EPSS
CVE
CVE
added 2020/05/28 12:15 p.m.304 views

CVE-2020-13645

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verifica...

6.5CVSS6.4AI score0.00569EPSS
CVE
CVE
added 2025/01/31 2:15 a.m.304 views

CVE-2022-1736

Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.

9.8CVSS6.3AI score0.00269EPSS
Total number of security vulnerabilities4105