Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2016/05/23 7:59 p.m.91 views

CVE-2016-4001

Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large packet.

8.6CVSS8.7AI score0.07079EPSS
CVE
CVE
added 2017/08/30 9:29 a.m.91 views

CVE-2017-13769

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

6.5CVSS6.6AI score0.00531EPSS
CVE
CVE
added 2017/09/20 5:29 p.m.91 views

CVE-2017-14607

In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

8.1CVSS7AI score0.01676EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.91 views

CVE-2017-17879

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.

8.8CVSS7.1AI score0.01108EPSS
CVE
CVE
added 2018/08/25 9:29 p.m.91 views

CVE-2018-15862

Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers.

5.5CVSS5.9AI score0.00044EPSS
CVE
CVE
added 2018/09/19 4:29 p.m.91 views

CVE-2018-17204

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and ...

4.3CVSS4.8AI score0.01127EPSS
CVE
CVE
added 2019/12/17 5:15 a.m.91 views

CVE-2019-19830

core /plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database.

6.5CVSS6.2AI score0.00344EPSS
CVE
CVE
added 2020/06/25 10:15 p.m.91 views

CVE-2020-5967

NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service.

4.7CVSS5.4AI score0.00045EPSS
CVE
CVE
added 2010/09/24 7:0 p.m.90 views

CVE-2010-1772

Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associate...

8.8CVSS8.6AI score0.01993EPSS
CVE
CVE
added 2019/12/02 6:15 p.m.90 views

CVE-2012-4428

openslp: SLPIntersectStringList()' Function has a DoS vulnerability

7.5CVSS7.4AI score0.46219EPSS
CVE
CVE
added 2013/01/17 1:55 a.m.90 views

CVE-2012-5060

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.

6.8CVSS4.5AI score0.00946EPSS
CVE
CVE
added 2013/07/16 2:8 p.m.90 views

CVE-2013-1943

The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted applicat...

7.8CVSS6.9AI score0.00124EPSS
CVE
CVE
added 2015/08/12 2:59 p.m.90 views

CVE-2013-7443

Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements.

5CVSS8.4AI score0.01451EPSS
CVE
CVE
added 2015/01/16 4:59 p.m.90 views

CVE-2014-9496

The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.

2.1CVSS6.4AI score0.0012EPSS
CVE
CVE
added 2015/02/08 11:59 a.m.90 views

CVE-2014-9664

FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.

6.8CVSS7.9AI score0.0113EPSS
CVE
CVE
added 2015/02/08 11:59 a.m.90 views

CVE-2014-9670

Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first ...

4.3CVSS7.1AI score0.04289EPSS
CVE
CVE
added 2015/08/16 1:59 a.m.90 views

CVE-2015-4480

Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.

9.3CVSS9.6AI score0.05658EPSS
CVE
CVE
added 2015/07/16 11:1 a.m.90 views

CVE-2015-4769

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767.

3.5CVSS4.6AI score0.00822EPSS
CVE
CVE
added 2015/08/24 2:59 p.m.90 views

CVE-2015-5964

The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session ...

5CVSS6.5AI score0.04693EPSS
CVE
CVE
added 2016/09/20 2:15 p.m.90 views

CVE-2015-8922

The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.

5.5CVSS6.1AI score0.00385EPSS
CVE
CVE
added 2016/01/21 3:0 a.m.90 views

CVE-2016-0503

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504.

4CVSS5.5AI score0.0183EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.90 views

CVE-2016-0610

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

3.5CVSS5.5AI score0.00627EPSS
CVE
CVE
added 2016/02/18 9:59 p.m.90 views

CVE-2016-0795

LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.

9.3CVSS7.8AI score0.00547EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.90 views

CVE-2016-1677

uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

6.5CVSS6.7AI score0.10058EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.90 views

CVE-2016-2376

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet wh...

8.1CVSS8.2AI score0.06727EPSS
CVE
CVE
added 2016/04/26 2:59 p.m.90 views

CVE-2016-4002

Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.

9.8CVSS9.5AI score0.0595EPSS
CVE
CVE
added 2020/01/22 7:15 p.m.90 views

CVE-2016-4761

WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS

8.8CVSS8.5AI score0.00535EPSS
CVE
CVE
added 2017/08/23 6:29 a.m.90 views

CVE-2017-13145

In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.

6.5CVSS7.5AI score0.01329EPSS
CVE
CVE
added 2018/10/26 2:29 p.m.90 views

CVE-2018-15687

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

7.8CVSS7.6AI score0.00332EPSS
CVE
CVE
added 2018/10/26 2:29 p.m.90 views

CVE-2018-18661

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.

6.5CVSS7.1AI score0.00304EPSS
CVE
CVE
added 2006/12/20 1:28 a.m.89 views

CVE-2006-6501

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.

6.8CVSS6.7AI score0.26235EPSS
CVE
CVE
added 2007/11/02 4:46 p.m.89 views

CVE-2007-4829

Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.

6.8CVSS6.3AI score0.01802EPSS
CVE
CVE
added 2008/11/13 11:30 a.m.89 views

CVE-2008-5019

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.

4.3CVSS8.9AI score0.12823EPSS
CVE
CVE
added 2008/11/13 11:30 a.m.89 views

CVE-2008-5021

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is stil...

9.3CVSS10AI score0.25259EPSS
CVE
CVE
added 2008/12/17 11:30 p.m.89 views

CVE-2008-5508

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks.

4.3CVSS9.8AI score0.02341EPSS
CVE
CVE
added 2009/06/25 1:30 a.m.89 views

CVE-2009-1888

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory...

5.8CVSS6.2AI score0.05392EPSS
CVE
CVE
added 2009/08/21 5:30 p.m.89 views

CVE-2009-2474

neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Ce...

5.8CVSS6AI score0.01686EPSS
CVE
CVE
added 2009/10/07 6:30 p.m.89 views

CVE-2009-2906

smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.

4CVSS8.8AI score0.00188EPSS
CVE
CVE
added 2010/09/08 8:0 p.m.89 views

CVE-2010-2955

The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c,...

2.1CVSS5.7AI score0.00095EPSS
CVE
CVE
added 2010/09/30 3:0 p.m.89 views

CVE-2010-3079

kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an l...

5.5CVSS5.5AI score0.00122EPSS
CVE
CVE
added 2011/01/28 10:0 p.m.89 views

CVE-2010-3689

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9CVSS6.2AI score0.00056EPSS
CVE
CVE
added 2010/11/17 1:0 a.m.89 views

CVE-2010-4008

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a...

4.3CVSS5.6AI score0.01623EPSS
CVE
CVE
added 2012/10/17 12:55 a.m.89 views

CVE-2012-3180

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

4CVSS4.2AI score0.00613EPSS
CVE
CVE
added 2013/05/02 2:55 p.m.89 views

CVE-2013-0305

The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information.

4CVSS6AI score0.00209EPSS
CVE
CVE
added 2013/05/02 2:55 p.m.89 views

CVE-2013-0306

The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter.

5CVSS6.5AI score0.00562EPSS
CVE
CVE
added 2013/10/16 5:55 p.m.89 views

CVE-2013-5829

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than ...

10CVSS6.5AI score0.20978EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.89 views

CVE-2014-2413

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Libraries.

4.3CVSS8.1AI score0.00677EPSS
CVE
CVE
added 2015/01/21 7:59 p.m.89 views

CVE-2015-0413

Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.

1.9CVSS2.8AI score0.00105EPSS
CVE
CVE
added 2016/09/20 2:15 p.m.89 views

CVE-2015-8926

The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.

5.5CVSS6.1AI score0.00409EPSS
CVE
CVE
added 2016/04/13 2:59 p.m.89 views

CVE-2016-2116

Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.

5.7CVSS5.8AI score0.0933EPSS
Total number of security vulnerabilities4105