Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2020/05/28 2:15 p.m.524 views

CVE-2019-20807

In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).

5.3CVSS6AI score0.00086EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.523 views

CVE-2019-2455

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

6.5CVSS6.2AI score0.00197EPSS
CVE
CVE
added 2019/06/03 10:29 p.m.521 views

CVE-2019-12614

An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).

4.7CVSS6.4AI score0.00094EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.521 views

CVE-2019-2739

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructu...

5.1CVSS5.4AI score0.00031EPSS
CVE
CVE
added 2018/03/09 8:29 p.m.519 views

CVE-2018-7537

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a ...

5.3CVSS5.3AI score0.01201EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.519 views

CVE-2019-2627

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multip...

4.9CVSS4.8AI score0.00166EPSS
CVE
CVE
added 2019/12/06 6:15 p.m.515 views

CVE-2019-1551

There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are ...

5.3CVSS6AI score0.04845EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.515 views

CVE-2019-2602

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via mult...

7.5CVSS6.8AI score0.00181EPSS
CVE
CVE
added 2019/02/15 3:29 p.m.515 views

CVE-2019-6974

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

8.1CVSS7.7AI score0.0706EPSS
CVE
CVE
added 2018/03/09 8:29 p.m.514 views

CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1...

5.3CVSS5.7AI score0.01198EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.513 views

CVE-2019-2628

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS4.7AI score0.00161EPSS
CVE
CVE
added 2018/01/03 6:29 a.m.510 views

CVE-2017-18017

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in a...

10CVSS9.5AI score0.38093EPSS
CVE
CVE
added 2018/10/29 1:29 p.m.510 views

CVE-2018-0735

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).

5.9CVSS5.7AI score0.06784EPSS
CVE
CVE
added 2018/08/02 2:29 p.m.510 views

CVE-2018-1336

An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.

7.5CVSS7.7AI score0.03826EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.510 views

CVE-2019-2805

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

6.5CVSS6.3AI score0.00361EPSS
CVE
CVE
added 2019/07/26 1:15 p.m.509 views

CVE-2019-13057

An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization...

4.9CVSS5.9AI score0.00844EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.509 views

CVE-2020-12770

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.

6.7CVSS6.7AI score0.00046EPSS
CVE
CVE
added 2016/03/09 11:59 p.m.508 views

CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.

8.6CVSS8.2AI score0.68032EPSS
CVE
CVE
added 2019/11/14 8:15 p.m.506 views

CVE-2018-12207

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

6.5CVSS7AI score0.00403EPSS
CVE
CVE
added 2018/12/07 9:29 p.m.505 views

CVE-2018-18311

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

9.8CVSS9.6AI score0.12702EPSS
CVE
CVE
added 2018/09/05 7:29 p.m.504 views

CVE-2018-14618

curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequ...

10CVSS9.9AI score0.01243EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.504 views

CVE-2018-3282

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network acce...

4.9CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2018/08/01 6:29 p.m.504 views

CVE-2018-8034

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.

7.5CVSS7.6AI score0.13373EPSS
CVE
CVE
added 2019/01/28 8:29 a.m.504 views

CVE-2019-6978

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.

9.8CVSS8.7AI score0.02969EPSS
CVE
CVE
added 2020/07/09 4:15 p.m.504 views

CVE-2020-10756

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, r...

6.5CVSS5.9AI score0.00036EPSS
CVE
CVE
added 2019/11/29 3:15 p.m.502 views

CVE-2019-14901

A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is...

10CVSS9.7AI score0.10363EPSS
CVE
CVE
added 2017/10/03 1:29 a.m.500 views

CVE-2017-14492

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

9.8CVSS9AI score0.92641EPSS
CVE
CVE
added 2018/07/30 4:29 p.m.498 views

CVE-2018-10903

A flaw was found in python-cryptography versions between >=1.9.0 and

7.5CVSS7.2AI score0.00251EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.496 views

CVE-2019-9515

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalen...

7.8CVSS7.7AI score0.05767EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.495 views

CVE-2019-2510

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS4.9AI score0.00167EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.491 views

CVE-2018-3174

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infra...

5.3CVSS6.1AI score0.00034EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.490 views

CVE-2018-3064

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to comprom...

7.1CVSS6.7AI score0.00304EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.489 views

CVE-2019-2737

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr...

4.9CVSS5AI score0.00198EPSS
CVE
CVE
added 2020/04/22 8:15 p.m.489 views

CVE-2020-1983

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.

7.5CVSS7AI score0.00141EPSS
CVE
CVE
added 2019/12/23 3:15 a.m.488 views

CVE-2019-11046

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII num...

5.3CVSS6.4AI score0.02829EPSS
CVE
CVE
added 2018/06/18 2:29 p.m.486 views

CVE-2018-1060

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

7.5CVSS7.4AI score0.01227EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.486 views

CVE-2020-14550

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise ...

5.3CVSS5.2AI score0.00195EPSS
CVE
CVE
added 2017/11/07 9:29 p.m.485 views

CVE-2017-16642

In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c o...

7.5CVSS8.2AI score0.06222EPSS
CVE
CVE
added 2018/08/03 1:29 p.m.484 views

CVE-2018-14883

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.

7.5CVSS7.5AI score0.1482EPSS
CVE
CVE
added 2020/01/08 8:15 p.m.484 views

CVE-2019-11745

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR <...

8.8CVSS8.7AI score0.0062EPSS
CVE
CVE
added 2019/02/06 8:29 p.m.483 views

CVE-2019-3820

It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.

4.8CVSS4.5AI score0.0005EPSS
CVE
CVE
added 2019/08/23 6:15 a.m.481 views

CVE-2019-15505

drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).

10CVSS9AI score0.00652EPSS
CVE
CVE
added 2018/10/30 12:29 p.m.479 views

CVE-2018-0734

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0....

5.9CVSS5.9AI score0.04151EPSS
CVE
CVE
added 2019/10/18 9:15 p.m.479 views

CVE-2019-18197

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be discl...

7.5CVSS7.6AI score0.0154EPSS
CVE
CVE
added 2019/04/10 8:29 p.m.478 views

CVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

9.8CVSS9.4AI score0.00934EPSS
CVE
CVE
added 2019/06/24 5:15 p.m.475 views

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

7.8CVSS7.5AI score0.05817EPSS
CVE
CVE
added 2019/05/10 10:29 p.m.475 views

CVE-2019-11884

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

3.3CVSS5.6AI score0.0008EPSS
CVE
CVE
added 2019/01/11 2:29 p.m.475 views

CVE-2019-6133

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

6.7CVSS6.2AI score0.00014EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.471 views

CVE-2018-10548

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.

7.5CVSS6.2AI score0.54396EPSS
CVE
CVE
added 2019/08/14 5:15 p.m.470 views

CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary cipher...

8.1CVSS8.4AI score0.02341EPSS
Total number of security vulnerabilities4105