Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2016/01/15 3:59 a.m.76 views

CVE-2016-1897

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.

5.5CVSS5.5AI score0.48759EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.76 views

CVE-2016-2377

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the vu...

8.1CVSS8AI score0.03242EPSS
CVE
CVE
added 2016/04/27 5:59 p.m.76 views

CVE-2016-3135

Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

7.8CVSS7.3AI score0.00174EPSS
CVE
CVE
added 2016/07/21 10:12 a.m.76 views

CVE-2016-3486

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.

6.8CVSS5.7AI score0.05386EPSS
CVE
CVE
added 2016/06/01 10:59 p.m.76 views

CVE-2016-4454

The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read.

6CVSS6.8AI score0.00072EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.76 views

CVE-2017-14864

An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

5.5CVSS6AI score0.00129EPSS
CVE
CVE
added 2018/09/02 3:29 a.m.76 views

CVE-2018-16336

Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.

6.5CVSS6.2AI score0.01845EPSS
CVE
CVE
added 2018/10/17 4:29 a.m.76 views

CVE-2018-18409

A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.

5.5CVSS5.5AI score0.00323EPSS
CVE
CVE
added 2018/01/05 7:29 p.m.76 views

CVE-2018-5246

In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.

6.5CVSS7.1AI score0.00655EPSS
CVE
CVE
added 2018/01/12 9:29 a.m.76 views

CVE-2018-5357

ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.

6.5CVSS7.1AI score0.00469EPSS
CVE
CVE
added 2020/07/29 5:15 p.m.76 views

CVE-2020-11933

cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechan...

7.3CVSS6.6AI score0.00032EPSS
CVE
CVE
added 2008/07/02 4:41 p.m.75 views

CVE-2008-2826

Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a...

4.9CVSS7AI score0.00082EPSS
CVE
CVE
added 2008/12/17 11:30 p.m.75 views

CVE-2008-5500

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2)...

10CVSS9.7AI score0.03551EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.75 views

CVE-2010-2498

The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file th...

6.8CVSS9.1AI score0.02649EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.75 views

CVE-2010-2499

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.

6.8CVSS9AI score0.03379EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.75 views

CVE-2010-2500

Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

6.8CVSS9AI score0.02649EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.75 views

CVE-2010-2519

Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.

6.8CVSS9AI score0.0452EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.75 views

CVE-2012-4179

Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denia...

9.3CVSS9.4AI score0.06071EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.75 views

CVE-2012-4183

Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of...

9.3CVSS9.4AI score0.02721EPSS
CVE
CVE
added 2013/03/20 4:55 p.m.75 views

CVE-2013-2275

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.

4CVSS6.1AI score0.00378EPSS
CVE
CVE
added 2014/07/29 2:55 p.m.75 views

CVE-2014-5029

The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.

1.5CVSS7.1AI score0.00053EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.75 views

CVE-2014-9845

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

5.5CVSS5.8AI score0.00418EPSS
CVE
CVE
added 2015/01/22 10:59 p.m.75 views

CVE-2015-1205

Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.4AI score0.01201EPSS
CVE
CVE
added 2015/03/09 12:59 a.m.75 views

CVE-2015-1228

The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service (app...

7.5CVSS6.7AI score0.01073EPSS
CVE
CVE
added 2015/07/16 10:59 a.m.75 views

CVE-2015-2617

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.

6.5CVSS4.5AI score0.0066EPSS
CVE
CVE
added 2015/05/29 3:59 p.m.75 views

CVE-2015-4047

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

7.8CVSS6.3AI score0.03587EPSS
CVE
CVE
added 2015/07/16 11:1 a.m.75 views

CVE-2015-4771

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.

3.5CVSS4.5AI score0.0072EPSS
CVE
CVE
added 2016/01/13 3:59 p.m.75 views

CVE-2015-8607

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

7.5CVSS6.8AI score0.05664EPSS
CVE
CVE
added 2016/06/03 2:59 p.m.75 views

CVE-2015-8872

The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."

6.2CVSS6.1AI score0.00091EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.75 views

CVE-2016-1678

objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

8.8CVSS8.8AI score0.01307EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.75 views

CVE-2016-1695

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

8.8CVSS8.7AI score0.01191EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.75 views

CVE-2016-2369

A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a denial of service vulnerability. A malicious server can send a packet starting with a NULL byte triggering the vulnerability.

5.9CVSS6.2AI score0.03136EPSS
CVE
CVE
added 2016/03/14 1:59 a.m.75 views

CVE-2016-2856

pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 la...

8.4CVSS8.6AI score0.00684EPSS
CVE
CVE
added 2017/04/05 6:59 a.m.75 views

CVE-2017-7358

In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.

7.3CVSS7AI score0.01019EPSS
Web
CVE
CVE
added 2018/03/06 6:29 p.m.75 views

CVE-2018-7730

An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.

5.5CVSS6.1AI score0.00354EPSS
CVE
CVE
added 2020/05/26 1:15 p.m.75 views

CVE-2020-3811

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.

7.5CVSS8.3AI score0.00376EPSS
CVE
CVE
added 2005/05/19 4:0 a.m.74 views

CVE-2005-1260

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

5CVSS7.1AI score0.09796EPSS
CVE
CVE
added 2009/11/20 2:30 a.m.74 views

CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listin...

7.5CVSS7.4AI score0.09847EPSS
CVE
CVE
added 2010/09/08 8:0 p.m.74 views

CVE-2009-4895

Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_seto...

4.7CVSS6AI score0.00064EPSS
CVE
CVE
added 2012/06/05 10:55 p.m.74 views

CVE-2012-0260

The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.

6.5CVSS6.7AI score0.01936EPSS
CVE
CVE
added 2012/06/05 10:55 p.m.74 views

CVE-2012-1186

Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.

5.5CVSS6.7AI score0.00286EPSS
CVE
CVE
added 2013/01/18 11:48 a.m.74 views

CVE-2012-5656

The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.

5.5CVSS5.3AI score0.00052EPSS
CVE
CVE
added 2014/10/06 2:55 p.m.74 views

CVE-2014-3633

The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-...

5.8CVSS8AI score0.03629EPSS
CVE
CVE
added 2015/06/25 4:59 p.m.74 views

CVE-2015-1851

OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.

6.8CVSS6AI score0.00489EPSS
CVE
CVE
added 2015/07/14 4:59 p.m.74 views

CVE-2015-3279

Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.

7.5CVSS8.1AI score0.1072EPSS
CVE
CVE
added 2015/09/06 2:59 a.m.74 views

CVE-2015-6826

The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 Real...

7.5CVSS8.8AI score0.00887EPSS
CVE
CVE
added 2016/09/20 2:15 p.m.74 views

CVE-2015-8916

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.

6.5CVSS6.9AI score0.00757EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.74 views

CVE-2016-0665

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption.

5.5CVSS4.8AI score0.00171EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.74 views

CVE-2016-2378

A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length value...

8.1CVSS7.9AI score0.03242EPSS
CVE
CVE
added 2016/04/27 5:59 p.m.74 views

CVE-2016-2383

The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions.

5.5CVSS6.1AI score0.00057EPSS
Total number of security vulnerabilities4105