Lucene search

K
CanonicalUbuntu Linux

4105 matches found

cve
cve
added 2019/10/16 6:15 p.m.297 views

CVE-2019-2962

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

4.3CVSS4AI score0.00256EPSS
cve
cve
added 2020/06/01 7:15 p.m.297 views

CVE-2020-13757

Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causi...

7.5CVSS7.2AI score0.00083EPSS
cve
cve
added 2019/07/09 5:15 p.m.296 views

CVE-2019-13454

ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.

6.5CVSS7.8AI score0.00356EPSS
cve
cve
added 2020/04/06 1:15 a.m.296 views

CVE-2020-11565

An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability...

6CVSS6.3AI score0.00114EPSS
cve
cve
added 2020/05/19 2:15 p.m.296 views

CVE-2020-12663

Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

7.5CVSS7.5AI score0.07701EPSS
cve
cve
added 2020/10/13 8:15 p.m.296 views

CVE-2020-25645

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The mai...

7.5CVSS7.1AI score0.00083EPSS
cve
cve
added 2022/07/04 9:15 p.m.296 views

CVE-2022-34918

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an ...

7.8CVSS7.5AI score0.40818EPSS
cve
cve
added 2017/02/09 3:59 p.m.295 views

CVE-2016-2147

Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.

7.5CVSS8.1AI score0.02203EPSS
cve
cve
added 2008/05/05 5:20 p.m.294 views

CVE-2008-0599

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.

10CVSS9.6AI score0.54455EPSS
In wild
cve
cve
added 2018/06/08 9:29 p.m.294 views

CVE-2018-12020

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent ...

7.5CVSS7.8AI score0.01336EPSS
cve
cve
added 2018/08/20 8:29 a.m.294 views

CVE-2018-15594

arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.

5.5CVSS6AI score0.00054EPSS
cve
cve
added 2018/10/17 1:31 a.m.294 views

CVE-2018-3136

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mult...

3.4CVSS4.7AI score0.00162EPSS
cve
cve
added 2020/07/15 10:15 p.m.294 views

CVE-2019-20908

An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.

6.9CVSS6.4AI score0.00024EPSS
cve
cve
added 2018/07/26 6:29 p.m.293 views

CVE-2018-10879

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.

7.8CVSS7.4AI score0.00044EPSS
cve
cve
added 2018/08/03 5:29 p.m.293 views

CVE-2018-14574

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.

6.1CVSS6.2AI score0.12041EPSS
cve
cve
added 2019/12/03 4:15 p.m.293 views

CVE-2019-19534

In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.

2.4CVSS5.9AI score0.00079EPSS
cve
cve
added 2019/10/16 6:15 p.m.293 views

CVE-2019-2992

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

4.3CVSS4AI score0.00565EPSS
cve
cve
added 2019/04/11 4:29 p.m.293 views

CVE-2019-3460

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

6.5CVSS7AI score0.00188EPSS
cve
cve
added 2018/05/10 1:29 p.m.292 views

CVE-2018-1130

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

5.5CVSS5.9AI score0.0003EPSS
cve
cve
added 2018/07/18 1:29 p.m.292 views

CVE-2018-3066

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocol...

4.9CVSS3.6AI score0.0013EPSS
cve
cve
added 2020/07/29 6:15 p.m.292 views

CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 ...

6.4CVSS7.7AI score0.00064EPSS
cve
cve
added 2018/07/05 6:29 p.m.291 views

CVE-2018-12910

The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

9.8CVSS8.7AI score0.06804EPSS
cve
cve
added 2019/07/11 7:15 p.m.291 views

CVE-2019-12527

An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user contr...

8.8CVSS9.2AI score0.18917EPSS
cve
cve
added 2019/09/25 6:15 p.m.291 views

CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

7.5CVSS7.5AI score0.00167EPSS
cve
cve
added 2020/05/09 9:15 p.m.291 views

CVE-2020-12768

An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will

5.5CVSS5.7AI score0.00076EPSS
cve
cve
added 2020/01/15 5:15 p.m.291 views

CVE-2020-2601

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerb...

6.8CVSS6.7AI score0.00478EPSS
cve
cve
added 2018/12/20 5:29 p.m.290 views

CVE-2018-1000858

GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window...

8.8CVSS8AI score0.00216EPSS
cve
cve
added 2018/05/15 4:29 p.m.290 views

CVE-2018-1087

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch o...

8CVSS6.3AI score0.0003EPSS
cve
cve
added 2018/07/18 1:29 p.m.290 views

CVE-2018-3077

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Se...

4.9CVSS4.8AI score0.00474EPSS
cve
cve
added 2018/08/10 3:29 p.m.290 views

CVE-2018-6556

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (rea...

3.3CVSS3.9AI score0.00043EPSS
cve
cve
added 2019/09/04 7:15 p.m.290 views

CVE-2019-15918

An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.

7.8CVSS7.7AI score0.00109EPSS
cve
cve
added 2019/10/16 6:15 p.m.290 views

CVE-2019-2920

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 5.3.13 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL ...

5.3CVSS4.5AI score0.02738EPSS
cve
cve
added 2019/09/24 10:15 p.m.290 views

CVE-2019-5094

An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.

7.5CVSS7AI score0.00331EPSS
cve
cve
added 2020/07/29 6:15 p.m.290 views

CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. Thi...

6.4CVSS7.1AI score0.00024EPSS
cve
cve
added 2020/04/15 2:15 p.m.289 views

CVE-2020-2816

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability c...

7.5CVSS6.8AI score0.00541EPSS
cve
cve
added 2016/02/17 3:59 p.m.288 views

CVE-2016-0766

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.

9CVSS8.6AI score0.00971EPSS
cve
cve
added 2016/07/03 9:59 p.m.288 views

CVE-2016-4997

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value...

7.8CVSS7.5AI score0.05222EPSS
cve
cve
added 2019/08/19 10:15 p.m.288 views

CVE-2019-15216

An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.

4.9CVSS6AI score0.00043EPSS
cve
cve
added 2020/01/15 5:15 p.m.288 views

CVE-2020-2593

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mu...

5.8CVSS4.9AI score0.00398EPSS
cve
cve
added 2018/07/30 4:29 p.m.287 views

CVE-2018-10883

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

5.5CVSS6.1AI score0.00077EPSS
cve
cve
added 2019/11/18 6:15 a.m.287 views

CVE-2019-19074

A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.

7.8CVSS7.8AI score0.00574EPSS
cve
cve
added 2020/03/02 5:15 a.m.287 views

CVE-2020-6794

If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Thunderbird 60. The new master passwo...

6.5CVSS6.8AI score0.00326EPSS
cve
cve
added 2019/07/11 7:15 p.m.286 views

CVE-2019-10192

A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up...

7.2CVSS6.8AI score0.16771EPSS
cve
cve
added 2019/08/19 10:15 p.m.286 views

CVE-2019-15218

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.

4.9CVSS6.1AI score0.00099EPSS
cve
cve
added 2020/03/02 5:15 a.m.286 views

CVE-2020-6792

When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird

4.3CVSS5.6AI score0.00779EPSS
cve
cve
added 2020/05/26 6:15 p.m.286 views

CVE-2020-6831

A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird

9.8CVSS9.5AI score0.1015EPSS
cve
cve
added 2014/03/24 4:40 p.m.285 views

CVE-2014-2523

net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet...

10CVSS7.2AI score0.03555EPSS
Web
cve
cve
added 2017/10/03 1:29 a.m.285 views

CVE-2017-14495

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

7.5CVSS8.2AI score0.60149EPSS
cve
cve
added 2018/10/30 6:29 p.m.285 views

CVE-2018-18281

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical...

7.8CVSS6.1AI score0.00514EPSS
cve
cve
added 2019/02/05 9:29 p.m.285 views

CVE-2018-18505

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the...

10CVSS7.2AI score0.0372EPSS
Total number of security vulnerabilities4105