Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2017/01/06 9:59 p.m.75 views

CVE-2016-2377

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send a negative content-length in response to a HTTP request triggering the vu...

8.1CVSS8AI score0.0125EPSS
Web
CVE
CVE
added 2018/04/19 2:29 a.m.75 views

CVE-2018-2779

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

4.9CVSS5AI score0.00439EPSS
CVE
CVE
added 2020/05/26 1:15 p.m.75 views

CVE-2020-3811

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.

7.5CVSS8.3AI score0.00376EPSS
CVE
CVE
added 2006/04/14 10:2 a.m.74 views

CVE-2006-1729

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the ...

4.3CVSS6.4AI score0.01816EPSS
CVE
CVE
added 2009/11/20 2:30 a.m.74 views

CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listin...

7.5CVSS7.4AI score0.09847EPSS
CVE
CVE
added 2012/06/05 10:55 p.m.74 views

CVE-2012-1186

Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.

5.5CVSS6.7AI score0.00286EPSS
CVE
CVE
added 2012/08/29 10:56 a.m.74 views

CVE-2012-3963

Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS9.4AI score0.02314EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.74 views

CVE-2012-4215

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a de...

9.3CVSS9AI score0.04317EPSS
CVE
CVE
added 2013/01/18 11:48 a.m.74 views

CVE-2012-5656

The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.

5.5CVSS5.3AI score0.00052EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.74 views

CVE-2012-5839

Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via un...

9.3CVSS9.1AI score0.05209EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.74 views

CVE-2012-5840

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial ...

9.3CVSS9.1AI score0.04317EPSS
CVE
CVE
added 2013/03/20 4:55 p.m.74 views

CVE-2013-1654

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors.

5CVSS6.4AI score0.00455EPSS
CVE
CVE
added 2014/01/18 7:55 p.m.74 views

CVE-2013-6425

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.

5CVSS6AI score0.02998EPSS
CVE
CVE
added 2014/08/19 6:55 p.m.74 views

CVE-2014-3528

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.

4CVSS8.6AI score0.0219EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.74 views

CVE-2014-9845

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

5.5CVSS5.8AI score0.00418EPSS
CVE
CVE
added 2015/01/22 10:59 p.m.74 views

CVE-2015-1205

Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.4AI score0.01201EPSS
CVE
CVE
added 2015/07/16 10:59 a.m.74 views

CVE-2015-2617

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.

6.5CVSS4.5AI score0.0066EPSS
CVE
CVE
added 2015/07/16 11:1 a.m.74 views

CVE-2015-4771

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.

3.5CVSS4.5AI score0.0072EPSS
CVE
CVE
added 2016/01/13 3:59 p.m.74 views

CVE-2015-8607

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

7.5CVSS6.8AI score0.05664EPSS
CVE
CVE
added 2016/09/20 2:15 p.m.74 views

CVE-2015-8916

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.

6.5CVSS6.9AI score0.00901EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.74 views

CVE-2016-2378

A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length value...

8.1CVSS7.9AI score0.0125EPSS
Web
CVE
CVE
added 2016/03/14 1:59 a.m.74 views

CVE-2016-2856

pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 la...

8.4CVSS8.6AI score0.00684EPSS
CVE
CVE
added 2016/07/21 10:12 a.m.74 views

CVE-2016-3486

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.

6.8CVSS5.7AI score0.05386EPSS
CVE
CVE
added 2016/05/20 2:59 p.m.74 views

CVE-2016-4439

The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary co...

6.7CVSS7.4AI score0.00418EPSS
CVE
CVE
added 2016/06/03 2:59 p.m.74 views

CVE-2016-4804

The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.

6.2CVSS6.2AI score0.00122EPSS
CVE
CVE
added 2017/03/23 4:59 p.m.74 views

CVE-2016-9775

The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian je...

7.8CVSS8.2AI score0.0011EPSS
CVE
CVE
added 2017/09/01 9:29 p.m.74 views

CVE-2017-12693

The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.

7.1CVSS6AI score0.00809EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.74 views

CVE-2017-14859

An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

5.5CVSS6AI score0.00129EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.74 views

CVE-2017-14862

An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

5.5CVSS6AI score0.00129EPSS
CVE
CVE
added 2017/12/14 6:29 a.m.74 views

CVE-2017-17681

In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.

7.1CVSS6.6AI score0.00455EPSS
CVE
CVE
added 2018/03/15 7:29 p.m.74 views

CVE-2017-18234

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles...

7.8CVSS7.9AI score0.00257EPSS
CVE
CVE
added 2017/04/05 6:59 a.m.74 views

CVE-2017-7358

In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.

7.3CVSS7AI score0.01019EPSS
CVE
CVE
added 2018/03/06 6:29 p.m.74 views

CVE-2018-7730

An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.

5.5CVSS6.1AI score0.00354EPSS
CVE
CVE
added 2024/01/08 7:15 p.m.74 views

CVE-2023-1032

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.

5.5CVSS5.4AI score0.00013EPSS
CVE
CVE
added 2007/02/20 5:28 p.m.73 views

CVE-2007-0988

The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for...

4.3CVSS7.3AI score0.0175EPSS
CVE
CVE
added 2008/12/17 11:30 p.m.73 views

CVE-2008-5500

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2)...

10CVSS9.7AI score0.03551EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.73 views

CVE-2010-2498

The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file th...

6.8CVSS9.1AI score0.02649EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.73 views

CVE-2010-2499

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.

6.8CVSS9AI score0.03379EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.73 views

CVE-2010-2500

Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

6.8CVSS9AI score0.02649EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.73 views

CVE-2010-2519

Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.

6.8CVSS9AI score0.0452EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.73 views

CVE-2012-4179

Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denia...

9.3CVSS9.4AI score0.05468EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.73 views

CVE-2012-4183

Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of...

9.3CVSS9.4AI score0.02721EPSS
CVE
CVE
added 2014/07/29 2:55 p.m.73 views

CVE-2014-5029

The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.

1.5CVSS7.1AI score0.00053EPSS
CVE
CVE
added 2020/02/17 6:15 p.m.73 views

CVE-2015-0258

Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension.

8.8CVSS8.8AI score0.11883EPSS
Web
CVE
CVE
added 2015/04/19 10:59 a.m.73 views

CVE-2015-3333

Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.8AI score0.00241EPSS
CVE
CVE
added 2015/08/16 11:59 p.m.73 views

CVE-2015-3741

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVE...

6.8CVSS8.5AI score0.00998EPSS
CVE
CVE
added 2015/09/06 2:59 a.m.73 views

CVE-2015-6826

The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 Real...

7.5CVSS8.8AI score0.00887EPSS
CVE
CVE
added 2016/06/03 2:59 p.m.73 views

CVE-2015-8872

The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."

6.2CVSS6.1AI score0.00091EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.73 views

CVE-2016-1678

objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

8.8CVSS8.8AI score0.01307EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.73 views

CVE-2016-1695

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

8.8CVSS8.7AI score0.01191EPSS
Total number of security vulnerabilities4105