Lucene search

K
CanonicalUbuntu Linux

4105 matches found

cve
cve
added 2019/09/11 4:15 p.m.284 views

CVE-2019-16233

drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

4.7CVSS6.2AI score0.00096EPSS
cve
cve
added 2020/01/08 4:15 p.m.284 views

CVE-2019-5188

A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.

7.5CVSS6.9AI score0.00041EPSS
cve
cve
added 2020/03/02 11:15 p.m.284 views

CVE-2020-10018

WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling.

9.8CVSS9.6AI score0.02494EPSS
cve
cve
added 2018/07/18 1:29 p.m.283 views

CVE-2018-3063

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS5AI score0.00104EPSS
cve
cve
added 2018/04/17 8:29 p.m.283 views

CVE-2018-6797

An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.

9.8CVSS7.1AI score0.01877EPSS
cve
cve
added 2019/12/10 10:15 p.m.283 views

CVE-2019-13753

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.2AI score0.02219EPSS
cve
cve
added 2019/07/23 11:15 p.m.283 views

CVE-2019-2741

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Log). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise M...

5.3CVSS5.3AI score0.00545EPSS
cve
cve
added 2018/03/14 6:29 p.m.282 views

CVE-2018-1000120

A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.

9.8CVSS7.5AI score0.01385EPSS
cve
cve
added 2018/07/25 1:29 p.m.282 views

CVE-2018-10880

Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.

7.1CVSS5.9AI score0.0153EPSS
cve
cve
added 2019/04/23 7:32 p.m.282 views

CVE-2019-2566

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

4.9CVSS4.6AI score0.00409EPSS
cve
cve
added 2019/07/23 11:15 p.m.282 views

CVE-2019-2762

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...

5.3CVSS4.6AI score0.00341EPSS
cve
cve
added 2019/07/23 11:15 p.m.282 views

CVE-2019-2791

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

5.5CVSS3.7AI score0.00323EPSS
cve
cve
added 2020/04/24 1:15 p.m.282 views

CVE-2020-12137

GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing, conc...

6.1CVSS6.1AI score0.00494EPSS
cve
cve
added 2020/09/15 2:15 p.m.282 views

CVE-2020-14345

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

7.8CVSS7.7AI score0.00062EPSS
cve
cve
added 2020/06/24 12:15 p.m.282 views

CVE-2020-15011

GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.

4.3CVSS5.6AI score0.01089EPSS
cve
cve
added 2020/03/25 10:15 p.m.282 views

CVE-2020-6814

Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Fir...

9.8CVSS9.9AI score0.00919EPSS
cve
cve
added 2018/07/26 7:29 p.m.281 views

CVE-2015-9261

huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.

5.5CVSS6.9AI score0.00257EPSS
cve
cve
added 2019/11/18 6:15 a.m.281 views

CVE-2019-19058

A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5.

4.7CVSS6.2AI score0.001EPSS
cve
cve
added 2019/11/18 6:15 a.m.281 views

CVE-2019-19066

A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd.

4.7CVSS6.4AI score0.00085EPSS
cve
cve
added 2020/06/03 12:15 a.m.281 views

CVE-2019-20810

go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.

5.5CVSS5.8AI score0.00075EPSS
cve
cve
added 2020/06/15 5:15 a.m.281 views

CVE-2020-14093

Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.

5.9CVSS5.6AI score0.01112EPSS
cve
cve
added 2020/02/25 4:15 p.m.280 views

CVE-2020-9383

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

7.1CVSS6.7AI score0.00164EPSS
cve
cve
added 2008/05/05 4:20 p.m.279 views

CVE-2008-2079

MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory...

4.6CVSS7.4AI score0.00513EPSS
Web
cve
cve
added 2018/06/11 10:29 a.m.279 views

CVE-2018-10360

The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

6.5CVSS5.4AI score0.0069EPSS
cve
cve
added 2018/06/07 1:29 p.m.278 views

CVE-2018-12015

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

7.5CVSS7.6AI score0.07707EPSS
cve
cve
added 2019/03/21 4:1 p.m.278 views

CVE-2019-6116

In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.

7.8CVSS8.1AI score0.51412EPSS
cve
cve
added 2016/04/25 12:59 a.m.277 views

CVE-2016-2115

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.

5.9CVSS6.6AI score0.23265EPSS
In wild
cve
cve
added 2019/07/03 7:15 p.m.277 views

CVE-2019-5051

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.

8.8CVSS8.7AI score0.02289EPSS
cve
cve
added 2020/07/31 10:15 p.m.277 views

CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.

6CVSS7AI score0.00032EPSS
cve
cve
added 2017/11/15 9:29 p.m.275 views

CVE-2017-15115

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted sys...

7.8CVSS7.7AI score0.00056EPSS
cve
cve
added 2017/12/20 11:29 p.m.275 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or h...

7.8CVSS7.5AI score0.00109EPSS
cve
cve
added 2018/07/26 6:29 p.m.275 views

CVE-2018-10878

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.

7.8CVSS7.4AI score0.00058EPSS
cve
cve
added 2019/10/14 2:15 a.m.275 views

CVE-2019-17539

In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.

9.8CVSS9.3AI score0.00597EPSS
cve
cve
added 2020/05/21 5:15 p.m.275 views

CVE-2020-13113

An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.

8.2CVSS8.5AI score0.0074EPSS
cve
cve
added 2018/10/31 6:29 p.m.274 views

CVE-2018-16839

Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.

9.8CVSS9.3AI score0.00335EPSS
cve
cve
added 2019/07/03 2:15 p.m.274 views

CVE-2019-13164

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.

7.8CVSS7.3AI score0.00021EPSS
cve
cve
added 2019/04/24 3:29 p.m.274 views

CVE-2019-9928

GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.

8.8CVSS8.8AI score0.08671EPSS
cve
cve
added 2020/04/14 11:15 p.m.274 views

CVE-2020-11763

An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.

5.5CVSS5.5AI score0.00363EPSS
cve
cve
added 2020/09/02 5:15 p.m.274 views

CVE-2020-15811

An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the b...

6.5CVSS6.8AI score0.00118EPSS
cve
cve
added 2020/04/15 7:15 p.m.273 views

CVE-2019-12524

An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is imp...

9.8CVSS9.2AI score0.00861EPSS
cve
cve
added 2020/05/22 6:15 p.m.273 views

CVE-2020-13397

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.

5.5CVSS6.2AI score0.00075EPSS
cve
cve
added 2016/06/27 10:59 a.m.272 views

CVE-2016-0758

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

7.8CVSS7.6AI score0.00204EPSS
cve
cve
added 2018/07/02 12:29 p.m.272 views

CVE-2018-13053

The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.

3.3CVSS6.6AI score0.0004EPSS
cve
cve
added 2018/07/09 1:29 p.m.272 views

CVE-2018-13785

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

6.5CVSS7.7AI score0.02195EPSS
cve
cve
added 2018/04/19 2:29 a.m.272 views

CVE-2018-2799

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network ...

5.3CVSS5AI score0.0014EPSS
cve
cve
added 2019/12/03 4:15 p.m.272 views

CVE-2019-19524

In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.

4.9CVSS6.6AI score0.00075EPSS
cve
cve
added 2019/09/06 7:15 p.m.272 views

CVE-2019-9854

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice insta...

7.8CVSS8.6AI score0.00434EPSS
cve
cve
added 2018/05/24 1:29 p.m.271 views

CVE-2018-1000301

curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have bee...

9.1CVSS7.5AI score0.02174EPSS
cve
cve
added 2018/10/26 2:29 p.m.271 views

CVE-2018-15686

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and inclu...

7.8CVSS6.4AI score0.01521EPSS
Web
cve
cve
added 2018/11/13 3:29 p.m.271 views

CVE-2018-16850

postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.

9.8CVSS9.5AI score0.01537EPSS
Total number of security vulnerabilities4105