Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2017/09/18 1:29 a.m.81 views

CVE-2017-14531

ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.

7.1CVSS7AI score0.00707EPSS
CVE
CVE
added 2018/07/19 1:29 p.m.81 views

CVE-2018-12911

WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.

9.8CVSS9.2AI score0.00521EPSS
CVE
CVE
added 2018/12/17 7:29 p.m.81 views

CVE-2018-20123

pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.

5.5CVSS6AI score0.00154EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.81 views

CVE-2018-4088

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affect...

8.8CVSS7.6AI score0.00673EPSS
CVE
CVE
added 2005/10/25 5:6 p.m.80 views

CVE-2005-2970

Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.

5CVSS6.2AI score0.16301EPSS
CVE
CVE
added 2006/12/20 1:28 a.m.80 views

CVE-2006-6504

Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.

9.3CVSS7.2AI score0.41553EPSS
CVE
CVE
added 2007/02/13 11:28 p.m.80 views

CVE-2007-0908

The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name befor...

5CVSS7.3AI score0.10827EPSS
CVE
CVE
added 2007/06/26 6:30 p.m.80 views

CVE-2007-3409

Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.

7.5CVSS7.2AI score0.12389EPSS
CVE
CVE
added 2007/09/24 10:17 p.m.80 views

CVE-2007-4988

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.

7.8CVSS7.8AI score0.0199EPSS
CVE
CVE
added 2008/09/24 8:37 p.m.80 views

CVE-2008-4067

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI.

4.3CVSS9.5AI score0.01724EPSS
CVE
CVE
added 2008/11/13 11:30 a.m.80 views

CVE-2008-5024

Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X documen...

7.5CVSS9.8AI score0.07219EPSS
CVE
CVE
added 2008/12/17 11:30 p.m.80 views

CVE-2008-5510

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.

5CVSS9.7AI score0.01132EPSS
CVE
CVE
added 2008/12/17 11:30 p.m.80 views

CVE-2008-5513

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vect...

4.3CVSS8.9AI score0.01647EPSS
CVE
CVE
added 2010/03/03 7:30 p.m.80 views

CVE-2010-0205

The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of ser...

4.3CVSS8.8AI score0.08131EPSS
CVE
CVE
added 2011/08/15 9:55 p.m.80 views

CVE-2011-2748

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

7.8CVSS6.2AI score0.87787EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.80 views

CVE-2012-4216

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service ...

9.3CVSS9AI score0.0639EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.80 views

CVE-2012-5833

The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitr...

9.3CVSS9.1AI score0.02061EPSS
CVE
CVE
added 2013/12/13 6:55 p.m.80 views

CVE-2012-6151

Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.

4.3CVSS8.8AI score0.19894EPSS
CVE
CVE
added 2014/10/16 12:55 a.m.80 views

CVE-2014-3686

wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.

6.8CVSS6AI score0.04511EPSS
CVE
CVE
added 2014/12/19 3:59 p.m.80 views

CVE-2014-8136

The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.

2.1CVSS7.1AI score0.00131EPSS
CVE
CVE
added 2014/12/16 6:59 p.m.80 views

CVE-2014-9323

The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.

5CVSS8.1AI score0.01731EPSS
CVE
CVE
added 2015/04/01 10:59 a.m.80 views

CVE-2015-0804

The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a c...

7.5CVSS9.3AI score0.01906EPSS
CVE
CVE
added 2015/07/16 11:0 a.m.80 views

CVE-2015-2641

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.

3.5CVSS4.5AI score0.0072EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.80 views

CVE-2016-1703

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

8.8CVSS8.7AI score0.00999EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.80 views

CVE-2016-2365

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A malicious server or an attacker who intercepts the network traffic can send invalid data to trigger this...

5.9CVSS6.2AI score0.03136EPSS
CVE
CVE
added 2016/09/02 2:59 p.m.80 views

CVE-2016-5106

The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) comma...

6CVSS6.4AI score0.00075EPSS
CVE
CVE
added 2017/03/23 4:59 p.m.80 views

CVE-2016-9774

The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14....

7.8CVSS8AI score0.0007EPSS
CVE
CVE
added 2017/07/27 6:29 a.m.80 views

CVE-2017-11683

There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.

6.5CVSS6.5AI score0.00408EPSS
CVE
CVE
added 2017/09/01 9:29 p.m.80 views

CVE-2017-12691

The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

7.1CVSS6AI score0.00818EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.80 views

CVE-2017-17914

In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.

7.1CVSS6.6AI score0.00526EPSS
CVE
CVE
added 2018/06/27 11:29 a.m.80 views

CVE-2018-12904

In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.

4.9CVSS5.5AI score0.00182EPSS
CVE
CVE
added 2018/12/12 1:29 p.m.80 views

CVE-2018-16867

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may ...

7.8CVSS7.8AI score0.0009EPSS
CVE
CVE
added 2018/01/05 7:29 p.m.80 views

CVE-2018-5248

In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

8.8CVSS7.1AI score0.01676EPSS
CVE
CVE
added 2018/02/19 1:29 p.m.80 views

CVE-2018-5380

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.

4.3CVSS6.5AI score0.01402EPSS
CVE
CVE
added 2018/01/30 9:29 p.m.80 views

CVE-2018-6405

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.

6.5CVSS6.9AI score0.00757EPSS
CVE
CVE
added 2020/05/26 1:15 p.m.80 views

CVE-2020-3812

qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker's home directory, without...

5.5CVSS6.7AI score0.00054EPSS
CVE
CVE
added 2005/08/15 4:0 a.m.79 views

CVE-2005-1527

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call.

5CVSS7.4AI score0.0133EPSS
CVE
CVE
added 2006/04/14 10:2 a.m.79 views

CVE-2006-1727

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview".

7.6CVSS6.4AI score0.05041EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.79 views

CVE-2006-4997

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).

7.5CVSS7AI score0.35021EPSS
CVE
CVE
added 2006/12/20 1:28 a.m.79 views

CVE-2006-6499

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that...

4.3CVSS6.1AI score0.13714EPSS
CVE
CVE
added 2008/03/19 10:44 a.m.79 views

CVE-2008-0062

KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.

9.8CVSS9.8AI score0.13208EPSS
CVE
CVE
added 2008/10/15 8:8 p.m.79 views

CVE-2008-4577

The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.

7.5CVSS7.3AI score0.01099EPSS
CVE
CVE
added 2008/11/13 11:30 a.m.79 views

CVE-2008-5023

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.

7.5CVSS9.8AI score0.1839EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.79 views

CVE-2010-2805

The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

6.8CVSS9.5AI score0.05634EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.79 views

CVE-2012-4187

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory cor...

9.3CVSS9.6AI score0.24843EPSS
CVE
CVE
added 2013/02/13 1:55 a.m.79 views

CVE-2012-6075

Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.

9.3CVSS7.8AI score0.0597EPSS
CVE
CVE
added 2015/04/17 5:59 p.m.79 views

CVE-2015-1856

OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container.

5.5CVSS6AI score0.0087EPSS
CVE
CVE
added 2015/07/16 10:59 a.m.79 views

CVE-2015-2611

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.

4CVSS4.5AI score0.0077EPSS
CVE
CVE
added 2015/11/09 3:59 a.m.79 views

CVE-2015-2695

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

5CVSS7AI score0.04048EPSS
CVE
CVE
added 2015/11/18 4:59 p.m.79 views

CVE-2015-8023

The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message.

5CVSS7.4AI score0.00799EPSS
Total number of security vulnerabilities4105