Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2016/05/20 2:59 p.m.74 views

CVE-2016-4439

The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary co...

6.7CVSS7.4AI score0.00418EPSS
CVE
CVE
added 2016/06/03 2:59 p.m.74 views

CVE-2016-4804

The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.

6.2CVSS6.2AI score0.00122EPSS
CVE
CVE
added 2016/07/21 10:14 a.m.74 views

CVE-2016-5439

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.

4.9CVSS5.2AI score0.01291EPSS
CVE
CVE
added 2017/03/23 4:59 p.m.74 views

CVE-2016-9775

The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian je...

7.8CVSS8.2AI score0.0011EPSS
CVE
CVE
added 2017/09/01 9:29 p.m.74 views

CVE-2017-12693

The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.

7.1CVSS6AI score0.00809EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.74 views

CVE-2017-14859

An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

5.5CVSS6AI score0.00129EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.74 views

CVE-2017-14862

An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

5.5CVSS6AI score0.00129EPSS
CVE
CVE
added 2017/12/14 6:29 a.m.74 views

CVE-2017-17681

In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.

7.1CVSS6.6AI score0.00455EPSS
CVE
CVE
added 2018/03/15 7:29 p.m.74 views

CVE-2017-18234

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles...

7.8CVSS7.9AI score0.00257EPSS
CVE
CVE
added 2018/12/20 11:29 p.m.74 views

CVE-2018-20124

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.

5.5CVSS5.9AI score0.00166EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.74 views

CVE-2018-2762

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQ...

4.4CVSS4.7AI score0.00108EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.74 views

CVE-2018-2775

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

6.5CVSS5.6AI score0.00571EPSS
CVE
CVE
added 2019/12/23 7:15 p.m.74 views

CVE-2019-3467

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config

7.8CVSS7.3AI score0.0009EPSS
CVE
CVE
added 2005/07/05 4:0 a.m.73 views

CVE-2004-2154

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.

9.8CVSS9.3AI score0.00487EPSS
CVE
CVE
added 2005/10/12 1:4 p.m.73 views

CVE-2005-3181

The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denia...

2.1CVSS5.1AI score0.00153EPSS
CVE
CVE
added 2008/09/24 8:37 p.m.73 views

CVE-2008-4065

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) characters that are removed from JavaScript code before ...

4.3CVSS8.9AI score0.01308EPSS
CVE
CVE
added 2008/09/24 8:37 p.m.73 views

CVE-2008-4068

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this informati...

7.8CVSS9.4AI score0.00187EPSS
CVE
CVE
added 2011/07/17 8:55 p.m.73 views

CVE-2011-2692

The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly ha...

8.8CVSS9.2AI score0.07097EPSS
CVE
CVE
added 2012/06/05 10:55 p.m.73 views

CVE-2012-1185

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. N...

7.8CVSS8.5AI score0.04205EPSS
CVE
CVE
added 2013/09/30 10:55 p.m.73 views

CVE-2013-4222

OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.

6.5CVSS6.1AI score0.0058EPSS
CVE
CVE
added 2020/01/02 4:15 p.m.73 views

CVE-2013-4532

Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

7.8CVSS8AI score0.00229EPSS
CVE
CVE
added 2020/02/17 6:15 p.m.73 views

CVE-2015-0258

Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension.

8.8CVSS8.8AI score0.11883EPSS
Web
CVE
CVE
added 2015/04/19 10:59 a.m.73 views

CVE-2015-1235

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.

5CVSS5.8AI score0.00962EPSS
CVE
CVE
added 2015/04/19 10:59 a.m.73 views

CVE-2015-3333

Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.8AI score0.00241EPSS
CVE
CVE
added 2015/08/16 11:59 p.m.73 views

CVE-2015-3741

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVE...

6.8CVSS8.5AI score0.00998EPSS
CVE
CVE
added 2016/06/07 2:6 p.m.73 views

CVE-2015-5261

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.

7.1CVSS7.4AI score0.00046EPSS
CVE
CVE
added 2016/02/23 7:59 p.m.73 views

CVE-2015-8805

The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015...

9.8CVSS8.6AI score0.12343EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.73 views

CVE-2016-0611

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

4CVSS5.5AI score0.00746EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.73 views

CVE-2016-1673

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

8.8CVSS8.2AI score0.01034EPSS
CVE
CVE
added 2016/01/15 3:59 a.m.73 views

CVE-2016-1898

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.

5.5CVSS5.5AI score0.29201EPSS
CVE
CVE
added 2016/03/29 10:59 a.m.73 views

CVE-2016-3679

Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

9.3CVSS8.7AI score0.0085EPSS
CVE
CVE
added 2017/09/21 5:29 a.m.73 views

CVE-2017-14624

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.

9.8CVSS7.5AI score0.01511EPSS
CVE
CVE
added 2017/10/05 1:29 a.m.73 views

CVE-2017-15016

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.

8.8CVSS7AI score0.00296EPSS
CVE
CVE
added 2017/12/21 3:29 a.m.73 views

CVE-2017-17814

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.

5.5CVSS6.1AI score0.00175EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.73 views

CVE-2017-17881

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.

6.5CVSS6.5AI score0.0045EPSS
CVE
CVE
added 2018/09/22 4:29 p.m.73 views

CVE-2018-17336

UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %...

7.8CVSS7.9AI score0.00344EPSS
CVE
CVE
added 2019/08/01 6:15 p.m.73 views

CVE-2019-14496

LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow.

7.8CVSS7.5AI score0.00302EPSS
CVE
CVE
added 2020/12/09 4:15 a.m.73 views

CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.

3.8CVSS4.1AI score0.00053EPSS
CVE
CVE
added 2007/05/16 10:30 p.m.72 views

CVE-2007-2728

The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue.

5CVSS6.3AI score0.01266EPSS
CVE
CVE
added 2008/11/13 11:30 a.m.72 views

CVE-2008-0017

The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an...

9.3CVSS10AI score0.12044EPSS
CVE
CVE
added 2008/07/09 6:41 p.m.72 views

CVE-2008-2931

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

7.8CVSS7.2AI score0.00023EPSS
CVE
CVE
added 2009/04/08 4:30 p.m.72 views

CVE-2009-1270

libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.

7.8CVSS7AI score0.04495EPSS
CVE
CVE
added 2009/08/28 3:30 p.m.72 views

CVE-2009-3001

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.

4.9CVSS6.1AI score0.00087EPSS
CVE
CVE
added 2010/02/16 7:30 p.m.72 views

CVE-2010-0136

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.

9.3CVSS6.5AI score0.04524EPSS
CVE
CVE
added 2010/08/19 6:0 p.m.72 views

CVE-2010-2520

Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

5.1CVSS9.7AI score0.03154EPSS
CVE
CVE
added 2011/03/01 11:0 p.m.72 views

CVE-2011-1012

The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted partition table.

4.9CVSS7.3AI score0.00011EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.72 views

CVE-2012-5843

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

9.3CVSS9.2AI score0.0299EPSS
CVE
CVE
added 2013/03/20 4:55 p.m.72 views

CVE-2013-1652

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors.

4.9CVSS6.1AI score0.00307EPSS
CVE
CVE
added 2013/06/15 7:55 p.m.72 views

CVE-2013-2064

Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.

6.8CVSS9.2AI score0.00943EPSS
CVE
CVE
added 2013/07/31 1:20 p.m.72 views

CVE-2013-2112

The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.

7.8CVSS6.2AI score0.03541EPSS
Total number of security vulnerabilities4105