Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2016/04/13 4:59 p.m.88 views

CVE-2016-3981

Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.

9.3CVSS8.6AI score0.00953EPSS
CVE
CVE
added 2016/05/23 7:59 p.m.88 views

CVE-2016-4037

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.

6CVSS6.7AI score0.00093EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.88 views

CVE-2017-13884

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" comp...

8.8CVSS7.7AI score0.00937EPSS
CVE
CVE
added 2017/09/07 6:29 a.m.88 views

CVE-2017-14175

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over ...

7.1CVSS6.9AI score0.00579EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.88 views

CVE-2017-7165

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" comp...

8.8CVSS7.7AI score0.00937EPSS
CVE
CVE
added 2017/05/23 4:29 a.m.88 views

CVE-2017-9208

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.

5.5CVSS5.2AI score0.00432EPSS
CVE
CVE
added 2018/09/19 4:29 p.m.88 views

CVE-2018-17204

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and ...

4.3CVSS4.8AI score0.01127EPSS
CVE
CVE
added 2018/03/06 5:29 p.m.88 views

CVE-2018-7726

An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.4AI score0.00348EPSS
CVE
CVE
added 2019/03/25 12:29 a.m.88 views

CVE-2019-10018

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.

5.5CVSS5.8AI score0.00486EPSS
CVE
CVE
added 2019/03/11 5:29 a.m.88 views

CVE-2019-9656

An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.

8.8CVSS8.4AI score0.00324EPSS
CVE
CVE
added 2020/06/25 12:15 a.m.88 views

CVE-2020-5963

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.

7.8CVSS7.3AI score0.00067EPSS
CVE
CVE
added 2006/12/20 1:28 a.m.87 views

CVE-2006-6501

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.

6.8CVSS6.7AI score0.27207EPSS
CVE
CVE
added 2007/11/02 4:46 p.m.87 views

CVE-2007-4829

Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.

6.8CVSS6.3AI score0.01802EPSS
CVE
CVE
added 2008/12/29 3:24 p.m.87 views

CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incor...

7.2CVSS8.1AI score0.00158EPSS
CVE
CVE
added 2008/11/13 11:30 a.m.87 views

CVE-2008-5019

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.

4.3CVSS8.9AI score0.12823EPSS
CVE
CVE
added 2008/11/13 11:30 a.m.87 views

CVE-2008-5021

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is stil...

9.3CVSS10AI score0.25259EPSS
CVE
CVE
added 2009/02/02 7:30 p.m.87 views

CVE-2009-0385

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.

9.3CVSS6.6AI score0.11552EPSS
Web
CVE
CVE
added 2010/03/05 7:30 p.m.87 views

CVE-2010-0302

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client ...

7.5CVSS7.4AI score0.09847EPSS
CVE
CVE
added 2010/09/30 3:0 p.m.87 views

CVE-2010-2537

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.

7.1CVSS6.5AI score0.0009EPSS
CVE
CVE
added 2012/10/17 12:55 a.m.87 views

CVE-2012-3180

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

4CVSS4.2AI score0.00613EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.87 views

CVE-2012-3984

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.

6.8CVSS8.9AI score0.01951EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.87 views

CVE-2012-3995

The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecifi...

9.3CVSS9.4AI score0.01805EPSS
CVE
CVE
added 2013/09/25 10:31 a.m.87 views

CVE-2013-1060

A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows l...

6.9CVSS7.2AI score0.00053EPSS
CVE
CVE
added 2013/07/16 2:8 p.m.87 views

CVE-2013-1943

The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted applicat...

7.8CVSS6.9AI score0.00124EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.87 views

CVE-2013-6671

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.

10CVSS9.6AI score0.10399EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.87 views

CVE-2013-6672

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.

4.3CVSS9AI score0.00931EPSS
CVE
CVE
added 2014/04/23 3:55 p.m.87 views

CVE-2014-0472

The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."

5.1CVSS7AI score0.06894EPSS
CVE
CVE
added 2014/04/16 1:55 a.m.87 views

CVE-2014-2397

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

9.3CVSS8.3AI score0.04372EPSS
CVE
CVE
added 2014/12/09 11:59 p.m.87 views

CVE-2014-8504

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

7.5CVSS8.4AI score0.03302EPSS
CVE
CVE
added 2014/11/26 3:59 p.m.87 views

CVE-2014-9093

LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.

7.5CVSS7.5AI score0.0327EPSS
CVE
CVE
added 2015/02/08 11:59 a.m.87 views

CVE-2014-9667

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.

6.8CVSS7.9AI score0.01712EPSS
CVE
CVE
added 2015/04/01 10:59 a.m.87 views

CVE-2015-0805

The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (me...

7.5CVSS9.5AI score0.01906EPSS
CVE
CVE
added 2015/02/25 11:59 a.m.87 views

CVE-2015-0834

The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time wi...

4.3CVSS9AI score0.00587EPSS
CVE
CVE
added 2015/03/25 2:59 p.m.87 views

CVE-2015-2317

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x0...

4.3CVSS5.5AI score0.0372EPSS
CVE
CVE
added 2015/04/01 2:59 p.m.87 views

CVE-2015-2756

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then access...

4.9CVSS5.7AI score0.00119EPSS
CVE
CVE
added 2015/06/03 8:59 p.m.87 views

CVE-2015-4106

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

4.6CVSS7.6AI score0.00085EPSS
CVE
CVE
added 2015/08/16 1:59 a.m.87 views

CVE-2015-4486

The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.

10CVSS7.4AI score0.02192EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.87 views

CVE-2016-1677

uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

6.5CVSS6.7AI score0.10058EPSS
CVE
CVE
added 2016/05/10 7:59 p.m.87 views

CVE-2016-4553

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.

8.6CVSS8.2AI score0.39528EPSS
CVE
CVE
added 2017/07/24 1:29 a.m.87 views

CVE-2017-11591

There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.

7.5CVSS7.2AI score0.00491EPSS
CVE
CVE
added 2017/09/07 6:29 a.m.87 views

CVE-2017-14172

In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" ...

7.1CVSS6.8AI score0.00579EPSS
CVE
CVE
added 2017/12/11 2:29 a.m.87 views

CVE-2017-17504

ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.

6.5CVSS7AI score0.00979EPSS
CVE
CVE
added 2017/05/23 4:29 a.m.87 views

CVE-2017-9210

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3.

5.5CVSS5.2AI score0.00283EPSS
CVE
CVE
added 2018/03/27 9:29 a.m.87 views

CVE-2018-0202

clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) ...

5.5CVSS6.9AI score0.02008EPSS
CVE
CVE
added 2018/11/02 10:29 p.m.87 views

CVE-2018-16847

An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU pr...

7.8CVSS8.4AI score0.00086EPSS
CVE
CVE
added 2018/10/26 2:29 p.m.87 views

CVE-2018-18661

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.

6.5CVSS7.1AI score0.00304EPSS
CVE
CVE
added 2018/02/15 8:29 p.m.87 views

CVE-2018-7051

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings.

7.5CVSS8.2AI score0.00637EPSS
CVE
CVE
added 2019/08/29 5:15 p.m.87 views

CVE-2019-15717

Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.

9.8CVSS9.2AI score0.00763EPSS
CVE
CVE
added 2007/10/04 4:17 p.m.86 views

CVE-2007-5191

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.

7.2CVSS6.2AI score0.00097EPSS
CVE
CVE
added 2008/09/24 8:37 p.m.86 views

CVE-2008-3837

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a v...

9.3CVSS9.6AI score0.35534EPSS
Total number of security vulnerabilities4105