Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2016/04/15 2:59 p.m.89 views

CVE-2016-3961

Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area.

5.5CVSS5.6AI score0.00126EPSS
CVE
CVE
added 2016/04/13 4:59 p.m.89 views

CVE-2016-3981

Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.

9.3CVSS8.6AI score0.00953EPSS
CVE
CVE
added 2016/05/23 7:59 p.m.89 views

CVE-2016-4037

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.

6CVSS6.7AI score0.00093EPSS
CVE
CVE
added 2017/09/07 6:29 a.m.89 views

CVE-2017-14175

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over ...

7.1CVSS6.9AI score0.00579EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.89 views

CVE-2017-7160

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.00889EPSS
CVE
CVE
added 2017/05/23 4:29 a.m.89 views

CVE-2017-9208

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.

5.5CVSS5.2AI score0.00432EPSS
CVE
CVE
added 2018/03/06 5:29 p.m.89 views

CVE-2018-7726

An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.4AI score0.00348EPSS
CVE
CVE
added 2019/03/11 5:29 a.m.89 views

CVE-2019-9656

An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.

8.8CVSS8.4AI score0.00324EPSS
CVE
CVE
added 2022/09/02 4:15 a.m.89 views

CVE-2022-39177

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.

8.8CVSS8.1AI score0.00049EPSS
CVE
CVE
added 2007/05/14 9:19 p.m.88 views

CVE-2007-2444

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

7.2CVSS6.3AI score0.01384EPSS
CVE
CVE
added 2008/09/24 8:37 p.m.88 views

CVE-2008-3837

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a v...

9.3CVSS9.6AI score0.30478EPSS
CVE
CVE
added 2008/12/17 11:30 p.m.88 views

CVE-2008-5506

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a reso...

6.8CVSS9.7AI score0.01236EPSS
CVE
CVE
added 2009/02/02 7:30 p.m.88 views

CVE-2009-0385

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.

9.3CVSS6.6AI score0.11552EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.88 views

CVE-2012-4204

The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

9.3CVSS8.9AI score0.03013EPSS
CVE
CVE
added 2013/01/13 8:55 p.m.88 views

CVE-2013-0763

Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors r...

9.3CVSS9.3AI score0.01107EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.88 views

CVE-2013-3809

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.

4CVSS4.9AI score0.00424EPSS
CVE
CVE
added 2014/12/15 6:59 p.m.88 views

CVE-2014-6053

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted mess...

5CVSS7.8AI score0.36865EPSS
CVE
CVE
added 2014/12/09 11:59 p.m.88 views

CVE-2014-8504

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

7.5CVSS8.4AI score0.03302EPSS
CVE
CVE
added 2014/12/11 2:59 a.m.88 views

CVE-2014-8602

iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.

4.3CVSS6.3AI score0.10503EPSS
CVE
CVE
added 2014/11/26 3:59 p.m.88 views

CVE-2014-9093

LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.

7.5CVSS7.5AI score0.0327EPSS
CVE
CVE
added 2015/02/08 11:59 a.m.88 views

CVE-2014-9667

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.

6.8CVSS7.9AI score0.01712EPSS
CVE
CVE
added 2016/04/13 2:59 p.m.88 views

CVE-2014-9766

Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via large height and stride values.

9.8CVSS9.8AI score0.10737EPSS
CVE
CVE
added 2015/07/16 11:0 a.m.88 views

CVE-2015-2661

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.

2.1CVSS4.6AI score0.0012EPSS
CVE
CVE
added 2015/04/01 2:59 p.m.88 views

CVE-2015-2756

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then access...

4.9CVSS5.7AI score0.00119EPSS
CVE
CVE
added 2015/08/16 1:59 a.m.88 views

CVE-2015-4486

The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.

10CVSS7.4AI score0.02192EPSS
CVE
CVE
added 2015/12/29 10:59 p.m.88 views

CVE-2015-7540

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.

7.5CVSS5.9AI score0.10209EPSS
CVE
CVE
added 2017/07/24 1:29 a.m.88 views

CVE-2017-11591

There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.

7.5CVSS7.2AI score0.00362EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.88 views

CVE-2017-13884

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" comp...

8.8CVSS7.7AI score0.00937EPSS
CVE
CVE
added 2017/12/11 2:29 a.m.88 views

CVE-2017-17504

ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.

6.5CVSS7AI score0.00979EPSS
CVE
CVE
added 2019/11/04 9:15 p.m.88 views

CVE-2017-5331

Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.

7.8CVSS7.7AI score0.00089EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.88 views

CVE-2017-7165

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" comp...

8.8CVSS7.7AI score0.00937EPSS
CVE
CVE
added 2018/03/27 9:29 a.m.88 views

CVE-2018-0202

clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) ...

5.5CVSS6.9AI score0.02008EPSS
CVE
CVE
added 2018/06/28 2:29 p.m.88 views

CVE-2018-12931

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

7.8CVSS7.8AI score0.00113EPSS
CVE
CVE
added 2018/11/02 10:29 p.m.88 views

CVE-2018-16847

An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU pr...

7.8CVSS8.4AI score0.00086EPSS
CVE
CVE
added 2018/02/15 8:29 p.m.88 views

CVE-2018-7051

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings.

7.5CVSS8.2AI score0.00637EPSS
CVE
CVE
added 2019/03/25 12:29 a.m.88 views

CVE-2019-10018

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.

5.5CVSS5.8AI score0.00486EPSS
CVE
CVE
added 2020/06/25 12:15 a.m.88 views

CVE-2020-5963

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.

7.8CVSS7.3AI score0.00067EPSS
CVE
CVE
added 2007/07/30 11:17 p.m.87 views

CVE-2007-3387

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that trigg...

6.8CVSS7.9AI score0.11401EPSS
CVE
CVE
added 2008/06/16 9:41 p.m.87 views

CVE-2008-2712

Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the ...

9.3CVSS9.2AI score0.09987EPSS
CVE
CVE
added 2008/12/29 3:24 p.m.87 views

CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incor...

7.2CVSS8.1AI score0.00158EPSS
CVE
CVE
added 2010/03/05 7:30 p.m.87 views

CVE-2010-0302

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client ...

7.5CVSS7.4AI score0.09847EPSS
CVE
CVE
added 2010/09/30 3:0 p.m.87 views

CVE-2010-2537

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.

7.1CVSS6.5AI score0.0009EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.87 views

CVE-2012-4180

Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecifie...

9.3CVSS9.6AI score0.09485EPSS
CVE
CVE
added 2013/09/25 10:31 a.m.87 views

CVE-2013-1060

A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd directory, which allows l...

6.9CVSS7.2AI score0.00053EPSS
CVE
CVE
added 2014/02/28 6:18 a.m.87 views

CVE-2014-2038

The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by wri...

2.1CVSS6.7AI score0.00051EPSS
CVE
CVE
added 2014/09/04 5:55 p.m.87 views

CVE-2014-5461

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

5CVSS8.6AI score0.1847EPSS
CVE
CVE
added 2014/12/15 6:59 p.m.87 views

CVE-2014-6052

The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1...

7.5CVSS8.9AI score0.0454EPSS
CVE
CVE
added 2015/01/22 10:59 p.m.87 views

CVE-2014-7926

The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero...

7.5CVSS9.5AI score0.02277EPSS
CVE
CVE
added 2014/12/09 11:59 p.m.87 views

CVE-2014-8484

The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.

5CVSS7.9AI score0.0202EPSS
CVE
CVE
added 2015/03/25 2:59 p.m.87 views

CVE-2015-2317

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x0...

4.3CVSS5.5AI score0.03149EPSS
Total number of security vulnerabilities4105