Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2018/07/09 1:29 p.m.275 views

CVE-2018-13785

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

6.5CVSS7.7AI score0.02195EPSS
CVE
CVE
added 2018/10/26 2:29 p.m.275 views

CVE-2018-15686

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and inclu...

7.8CVSS6.4AI score0.01521EPSS
Web
CVE
CVE
added 2019/10/14 2:15 a.m.275 views

CVE-2019-17539

In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.

9.8CVSS9.3AI score0.00597EPSS
CVE
CVE
added 2020/07/09 3:15 p.m.275 views

CVE-2020-12406

Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR

9.3CVSS8.3AI score0.00342EPSS
CVE
CVE
added 2016/06/27 10:59 a.m.274 views

CVE-2016-0758

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

7.8CVSS7.6AI score0.00204EPSS
CVE
CVE
added 2019/02/05 9:29 p.m.274 views

CVE-2018-18501

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thu...

9.8CVSS8AI score0.02592EPSS
CVE
CVE
added 2018/02/12 7:29 p.m.274 views

CVE-2018-6927

The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.

7.8CVSS7AI score0.00084EPSS
CVE
CVE
added 2020/04/15 7:15 p.m.274 views

CVE-2019-12524

An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is imp...

9.8CVSS9.2AI score0.00861EPSS
CVE
CVE
added 2019/09/06 7:15 p.m.274 views

CVE-2019-9854

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice insta...

7.8CVSS8.6AI score0.00434EPSS
CVE
CVE
added 2019/04/24 3:29 p.m.274 views

CVE-2019-9928

GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.

8.8CVSS8.8AI score0.08461EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.274 views

CVE-2020-11763

An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.

5.5CVSS5.5AI score0.00363EPSS
CVE
CVE
added 2020/05/22 6:15 p.m.274 views

CVE-2020-13397

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.

5.5CVSS6.2AI score0.00099EPSS
CVE
CVE
added 2007/12/13 6:46 p.m.273 views

CVE-2007-5000

Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified v...

4.3CVSS8AI score0.88746EPSS
CVE
CVE
added 2018/05/24 1:29 p.m.273 views

CVE-2018-1000301

curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have bee...

9.1CVSS7.5AI score0.02174EPSS
CVE
CVE
added 2018/11/13 3:29 p.m.273 views

CVE-2018-16850

postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.

9.8CVSS9.5AI score0.01537EPSS
CVE
CVE
added 2018/10/17 7:29 p.m.273 views

CVE-2018-18445

In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.

7.8CVSS7.2AI score0.00044EPSS
CVE
CVE
added 2019/02/09 4:29 p.m.273 views

CVE-2019-7665

In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.

5.5CVSS6.9AI score0.00108EPSS
CVE
CVE
added 2018/10/31 10:29 p.m.272 views

CVE-2016-6328

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).

8.1CVSS7.8AI score0.01162EPSS
CVE
CVE
added 2019/07/14 9:15 p.m.272 views

CVE-2019-13602

An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.

7.8CVSS8.9AI score0.00444EPSS
CVE
CVE
added 2019/12/22 8:15 p.m.272 views

CVE-2019-19922

kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, alth...

5.5CVSS6.4AI score0.00057EPSS
CVE
CVE
added 2020/05/22 6:15 p.m.272 views

CVE-2020-13396

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.

7.1CVSS6.9AI score0.00309EPSS
CVE
CVE
added 2020/03/25 10:15 p.m.272 views

CVE-2020-6807

When a device was changed while a stream was about to be destroyed, the stream-reinit task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, an...

8.8CVSS9AI score0.01383EPSS
CVE
CVE
added 2022/09/21 8:15 a.m.272 views

CVE-2022-41222

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.

7CVSS6.7AI score0.00014EPSS
CVE
CVE
added 2015/03/30 10:59 a.m.271 views

CVE-2015-2301

Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name o...

7.5CVSS7.9AI score0.1269EPSS
CVE
CVE
added 2018/03/02 8:29 a.m.271 views

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation res...

7.1CVSS6.3AI score0.02556EPSS
CVE
CVE
added 2018/03/30 9:29 p.m.271 views

CVE-2018-7566

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

7.8CVSS6.9AI score0.00082EPSS
Web
CVE
CVE
added 2019/07/11 7:15 p.m.271 views

CVE-2019-10193

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past t...

7.2CVSS6.8AI score0.34565EPSS
CVE
CVE
added 2019/03/21 4:1 p.m.271 views

CVE-2019-6778

In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.

7.8CVSS6.5AI score0.00073EPSS
CVE
CVE
added 2020/04/29 1:15 p.m.271 views

CVE-2020-11884

In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.

7CVSS6.6AI score0.00053EPSS
CVE
CVE
added 2020/02/04 8:15 p.m.271 views

CVE-2020-8517

An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexp...

7.5CVSS7.4AI score0.01116EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.270 views

CVE-2018-2755

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure wher...

7.7CVSS6.6AI score0.00159EPSS
CVE
CVE
added 2020/01/08 9:15 p.m.270 views

CVE-2019-11764

Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ...

8.8CVSS9.1AI score0.01071EPSS
CVE
CVE
added 2019/10/03 5:15 p.m.270 views

CVE-2019-15166

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.

7.5CVSS6.8AI score0.00544EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.270 views

CVE-2019-15212

An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.

4.9CVSS5.9AI score0.00108EPSS
CVE
CVE
added 2020/01/08 10:15 p.m.270 views

CVE-2019-17017

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox

8.8CVSS8.2AI score0.0142EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.270 views

CVE-2020-2767

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability...

5.8CVSS4.6AI score0.00502EPSS
CVE
CVE
added 2019/07/01 8:15 p.m.269 views

CVE-2019-13135

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.

8.8CVSS8.4AI score0.01398EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.269 views

CVE-2019-19054

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.

4.7CVSS6.2AI score0.00076EPSS
CVE
CVE
added 2019/01/09 4:29 p.m.269 views

CVE-2019-5747

An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte len...

7.5CVSS8.1AI score0.11309EPSS
CVE
CVE
added 2020/01/03 1:15 a.m.269 views

CVE-2020-5310

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.

8.8CVSS8.8AI score0.00513EPSS
CVE
CVE
added 2020/01/08 10:15 p.m.268 views

CVE-2019-17012

Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, ...

8.8CVSS9.2AI score0.0124EPSS
CVE
CVE
added 2019/05/10 7:29 p.m.268 views

CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerabi...

8.1CVSS8.3AI score0.07405EPSS
CVE
CVE
added 2020/09/09 9:15 p.m.268 views

CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.

7.5CVSS7.2AI score0.01204EPSS
CVE
CVE
added 2023/03/27 10:15 p.m.268 views

CVE-2023-0179

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.

7.8CVSS8.1AI score0.0031EPSS
CVE
CVE
added 2016/02/15 7:59 p.m.267 views

CVE-2016-0742

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.

7.5CVSS7.8AI score0.77828EPSS
CVE
CVE
added 2018/08/17 6:29 p.m.267 views

CVE-2018-15471

An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or ...

7.8CVSS8.3AI score0.00088EPSS
CVE
CVE
added 2018/09/05 6:29 a.m.267 views

CVE-2018-16509

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

9.3CVSS7.2AI score0.92401EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.267 views

CVE-2018-18492

A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox

9.8CVSS7.5AI score0.24EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.267 views

CVE-2018-18493

A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < ...

9.8CVSS7.6AI score0.07844EPSS
CVE
CVE
added 2019/09/09 5:15 p.m.267 views

CVE-2019-16163

Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.

7.5CVSS8.4AI score0.00097EPSS
Total number of security vulnerabilities4105