Lucene search

K
CanonicalUbuntu Linux

4105 matches found

cve
cve
added 2015/06/03 8:59 p.m.87 views

CVE-2015-4106

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

4.6CVSS7.6AI score0.00085EPSS
cve
cve
added 2015/07/16 11:0 a.m.87 views

CVE-2015-4761

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.

3.5CVSS4.5AI score0.00661EPSS
cve
cve
added 2015/10/26 5:59 p.m.87 views

CVE-2015-7674

Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.

6.8CVSS7.9AI score0.01027EPSS
cve
cve
added 2017/04/14 6:59 p.m.87 views

CVE-2016-0727

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrar...

7.8CVSS7.4AI score0.03285EPSS
cve
cve
added 2016/03/29 10:59 a.m.87 views

CVE-2016-1649

The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via craft...

9.3CVSS8.7AI score0.02814EPSS
cve
cve
added 2016/05/10 7:59 p.m.87 views

CVE-2016-4553

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.

8.6CVSS8.2AI score0.39528EPSS
cve
cve
added 2017/09/07 6:29 a.m.87 views

CVE-2017-14172

In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" ...

7.1CVSS6.8AI score0.00579EPSS
cve
cve
added 2017/05/23 4:29 a.m.87 views

CVE-2017-9210

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3.

5.5CVSS5.2AI score0.00283EPSS
cve
cve
added 2018/04/03 6:29 a.m.87 views

CVE-2018-4118

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers ...

8.8CVSS8.7AI score0.00579EPSS
cve
cve
added 2019/08/29 5:15 p.m.87 views

CVE-2019-15717

Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.

9.8CVSS9.2AI score0.00763EPSS
cve
cve
added 2025/05/30 6:15 p.m.87 views

CVE-2025-5054

Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function _check_global_pid_and_forward, which detects if the crashing process resided in a container, was being call...

4.7CVSS6.1AI score0.00013EPSS
cve
cve
added 2007/04/06 1:19 a.m.86 views

CVE-2007-1216

Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary co...

9CVSS9.3AI score0.11518EPSS
cve
cve
added 2007/04/06 1:19 a.m.86 views

CVE-2007-1887

Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with ...

7.5CVSS7.9AI score0.03509EPSS
cve
cve
added 2007/06/26 10:30 p.m.86 views

CVE-2007-2443

Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

8.3CVSS9.5AI score0.2536EPSS
cve
cve
added 2007/09/04 6:17 p.m.86 views

CVE-2007-3998

The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, ""'...

5CVSS7.4AI score0.05186EPSS
cve
cve
added 2009/01/28 6:30 p.m.86 views

CVE-2009-0322

drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.

4.9CVSS4.3AI score0.00045EPSS
Web
cve
cve
added 2010/07/13 8:30 p.m.86 views

CVE-2010-2008

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA ...

3.5CVSS6.2AI score0.04623EPSS
cve
cve
added 2011/07/07 9:55 p.m.86 views

CVE-2011-2192

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.

4.3CVSS6.8AI score0.0151EPSS
cve
cve
added 2011/07/17 8:55 p.m.86 views

CVE-2011-2501

The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of erro...

6.5CVSS7AI score0.02457EPSS
cve
cve
added 2012/06/05 10:55 p.m.86 views

CVE-2012-0259

The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.

6.5CVSS6.8AI score0.01434EPSS
cve
cve
added 2013/01/13 8:55 p.m.86 views

CVE-2013-0770

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

9.3CVSS9.8AI score0.00939EPSS
cve
cve
added 2013/10/03 9:55 p.m.86 views

CVE-2013-4327

systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

6.9CVSS6.2AI score0.00042EPSS
cve
cve
added 2014/10/25 10:55 p.m.86 views

CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

3.7CVSS7AI score0.09333EPSS
cve
cve
added 2014/10/20 5:55 p.m.86 views

CVE-2014-3564

Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific orde...

6.8CVSS7.6AI score0.03193EPSS
cve
cve
added 2014/12/16 11:59 p.m.86 views

CVE-2014-5353

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demo...

3.5CVSS6.4AI score0.00458EPSS
cve
cve
added 2014/12/29 12:59 a.m.86 views

CVE-2014-8132

Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.

5CVSS6.1AI score0.02784EPSS
cve
cve
added 2016/09/20 2:15 p.m.86 views

CVE-2015-8917

bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.

7.5CVSS7.5AI score0.05663EPSS
cve
cve
added 2016/09/20 2:15 p.m.86 views

CVE-2015-8919

The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.

7.5CVSS7.3AI score0.0645EPSS
cve
cve
added 2016/04/07 6:59 p.m.86 views

CVE-2016-3947

Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 pac...

8.2CVSS8.1AI score0.53872EPSS
cve
cve
added 2018/01/02 3:29 p.m.86 views

CVE-2017-1000445

ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service

6.5CVSS6.9AI score0.01758EPSS
cve
cve
added 2017/05/23 4:29 a.m.86 views

CVE-2017-9209

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2.

5.5CVSS5.2AI score0.00232EPSS
cve
cve
added 2018/04/29 3:29 a.m.86 views

CVE-2018-10529

An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.

8.8CVSS8.3AI score0.00423EPSS
cve
cve
added 2018/12/20 11:29 p.m.86 views

CVE-2018-20191

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).

7.5CVSS6.9AI score0.01625EPSS
cve
cve
added 2018/02/19 1:29 p.m.86 views

CVE-2018-5378

The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash.

7.1CVSS7.2AI score0.03721EPSS
cve
cve
added 2018/02/23 10:29 p.m.86 views

CVE-2018-7443

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c).

6.5CVSS6.2AI score0.01218EPSS
cve
cve
added 2006/12/20 1:28 a.m.85 views

CVE-2006-6503

Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.

6.8CVSS5.5AI score0.10286EPSS
cve
cve
added 2008/03/17 9:44 p.m.85 views

CVE-2008-0888

The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.

9.3CVSS9.6AI score0.16899EPSS
cve
cve
added 2008/08/08 6:41 p.m.85 views

CVE-2008-3272

The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obt...

2.1CVSS5.8AI score0.00063EPSS
cve
cve
added 2008/11/13 11:30 a.m.85 views

CVE-2008-5017

Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors.

10CVSS9.4AI score0.17422EPSS
cve
cve
added 2008/12/17 11:30 p.m.85 views

CVE-2008-5512

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown vectors in which "page content can pollute XPCNati...

6.8CVSS9.8AI score0.05142EPSS
cve
cve
added 2009/01/26 3:30 p.m.85 views

CVE-2009-0269

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array in...

4.9CVSS5AI score0.00082EPSS
cve
cve
added 2010/02/22 1:0 p.m.85 views

CVE-2010-0159

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlock...

10CVSS8.8AI score0.02147EPSS
cve
cve
added 2012/05/29 8:55 p.m.85 views

CVE-2012-1988

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pa...

6CVSS7AI score0.00492EPSS
cve
cve
added 2013/01/17 1:55 a.m.85 views

CVE-2013-0371

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.

4CVSS4.5AI score0.00713EPSS
cve
cve
added 2014/05/08 2:29 p.m.85 views

CVE-2014-0190

The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.

4.3CVSS8.2AI score0.02801EPSS
cve
cve
added 2015/01/16 4:59 p.m.85 views

CVE-2015-0221

The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.

5CVSS6.2AI score0.08824EPSS
cve
cve
added 2015/08/16 1:59 a.m.85 views

CVE-2015-4474

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10CVSS8AI score0.03783EPSS
cve
cve
added 2015/10/21 11:59 p.m.85 views

CVE-2015-4866

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

4CVSS5AI score0.00475EPSS
cve
cve
added 2015/11/16 11:59 a.m.85 views

CVE-2015-7312

Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to ...

4.4CVSS5.8AI score0.00039EPSS
cve
cve
added 2016/04/21 10:59 a.m.85 views

CVE-2016-0661

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options.

4.7CVSS4.8AI score0.00229EPSS
Total number of security vulnerabilities4105