Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2012/10/29 6:55 p.m.70 views

CVE-2012-4196

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats cer...

6.4CVSS8.8AI score0.00964EPSS
CVE
CVE
added 2012/09/07 10:55 p.m.70 views

CVE-2012-4388

The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to impr...

4.3CVSS6.3AI score0.09113EPSS
CVE
CVE
added 2013/02/24 7:55 p.m.70 views

CVE-2012-6093

The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect error when certificate validation fails...

4.3CVSS6.2AI score0.01095EPSS
CVE
CVE
added 2013/02/24 9:55 p.m.70 views

CVE-2013-0212

store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive info...

4CVSS5.8AI score0.01144EPSS
CVE
CVE
added 2013/09/30 9:55 p.m.70 views

CVE-2013-4314

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certificati...

4.3CVSS6.1AI score0.0025EPSS
CVE
CVE
added 2020/02/06 3:15 p.m.70 views

CVE-2014-1958

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

8.8CVSS8.3AI score0.20771EPSS
CVE
CVE
added 2014/08/18 11:15 a.m.70 views

CVE-2014-5206

The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" c...

7.2CVSS7.9AI score0.00037EPSS
CVE
CVE
added 2015/02/08 11:59 a.m.70 views

CVE-2014-9666

The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact v...

6.8CVSS7.9AI score0.01778EPSS
CVE
CVE
added 2015/04/01 10:59 a.m.70 views

CVE-2015-0806

The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code o...

7.5CVSS9.4AI score0.01906EPSS
CVE
CVE
added 2015/02/06 11:59 a.m.70 views

CVE-2015-1210

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the thro...

5CVSS6AI score0.00704EPSS
CVE
CVE
added 2015/03/09 12:59 a.m.70 views

CVE-2015-1231

Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.6AI score0.01158EPSS
CVE
CVE
added 2015/04/19 10:59 a.m.70 views

CVE-2015-1249

Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.8AI score0.01732EPSS
CVE
CVE
added 2019/04/22 4:29 p.m.70 views

CVE-2015-1341

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.

7.8CVSS7.5AI score0.00136EPSS
CVE
CVE
added 2016/04/13 5:59 p.m.70 views

CVE-2015-3146

The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.

7.5CVSS7AI score0.02391EPSS
CVE
CVE
added 2015/11/26 5:59 p.m.70 views

CVE-2015-8365

The smka_decode_frame function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibl...

6.8CVSS9.3AI score0.00625EPSS
CVE
CVE
added 2016/04/18 10:59 a.m.70 views

CVE-2016-1659

Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

10CVSS9.2AI score0.02365EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.70 views

CVE-2016-2367

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle can send an invalid size for an avatar which will trigger an out-of-bounds rea...

5.9CVSS6.1AI score0.0191EPSS
CVE
CVE
added 2016/09/02 2:59 p.m.70 views

CVE-2016-5107

The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors.

6CVSS6.8AI score0.00071EPSS
CVE
CVE
added 2018/07/30 2:29 p.m.70 views

CVE-2016-9597

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

7.5CVSS7AI score0.01327EPSS
CVE
CVE
added 2018/05/25 2:29 p.m.70 views

CVE-2018-11469

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.

5.9CVSS5.8AI score0.0003EPSS
CVE
CVE
added 2018/12/20 9:29 p.m.70 views

CVE-2018-20216

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).

7.5CVSS7.2AI score0.02783EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.70 views

CVE-2018-2778

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

4.9CVSS5AI score0.00439EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.70 views

CVE-2018-4096

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affect...

8.8CVSS7.6AI score0.00673EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.70 views

CVE-2019-18810

A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d.

7.8CVSS7.7AI score0.0122EPSS
CVE
CVE
added 2007/06/11 10:30 p.m.69 views

CVE-2007-2875

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

2.1CVSS5.5AI score0.00094EPSS
CVE
CVE
added 2007/10/08 9:17 p.m.69 views

CVE-2007-5268

pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

4.3CVSS8.9AI score0.15258EPSS
CVE
CVE
added 2008/12/17 11:30 p.m.69 views

CVE-2008-5501

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.

5CVSS9.2AI score0.04539EPSS
CVE
CVE
added 2013/10/03 9:55 p.m.69 views

CVE-2013-1064

apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (...

4.6CVSS6.2AI score0.00061EPSS
CVE
CVE
added 2014/06/02 3:55 p.m.69 views

CVE-2013-6433

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.

7.6CVSS6.6AI score0.01893EPSS
CVE
CVE
added 2014/05/16 3:55 p.m.69 views

CVE-2014-3730

The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\djangoproject.com."

4.3CVSS6.3AI score0.00988EPSS
CVE
CVE
added 2014/11/13 9:32 p.m.69 views

CVE-2014-8564

The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing r...

5CVSS6.3AI score0.00812EPSS
CVE
CVE
added 2014/12/01 3:59 p.m.69 views

CVE-2014-9087

Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.

7.5CVSS6.5AI score0.05055EPSS
CVE
CVE
added 2017/08/25 6:29 p.m.69 views

CVE-2014-9637

GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.

7.1CVSS5.7AI score0.00378EPSS
CVE
CVE
added 2015/02/08 11:59 a.m.69 views

CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this ...

7.5CVSS7.9AI score0.02849EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.69 views

CVE-2014-9843

The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.

9.8CVSS7.6AI score0.01088EPSS
CVE
CVE
added 2017/03/17 2:59 p.m.69 views

CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

5.5CVSS5.7AI score0.00473EPSS
CVE
CVE
added 2015/05/01 10:59 a.m.69 views

CVE-2015-1250

Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.8AI score0.01097EPSS
CVE
CVE
added 2015/07/01 2:59 p.m.69 views

CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vect...

6.8CVSS7.1AI score0.00087EPSS
CVE
CVE
added 2015/05/12 7:59 p.m.69 views

CVE-2015-2221

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.

5CVSS6.2AI score0.0178EPSS
CVE
CVE
added 2015/03/09 12:59 a.m.69 views

CVE-2015-2238

Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS7AI score0.00107EPSS
CVE
CVE
added 2015/09/06 2:59 a.m.69 views

CVE-2015-6824

The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted video data.

7.5CVSS8.8AI score0.00887EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.69 views

CVE-2016-0607

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.

2.8CVSS5.5AI score0.00834EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.69 views

CVE-2016-1692

WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a...

5.3CVSS5.9AI score0.00748EPSS
CVE
CVE
added 2016/06/05 11:59 p.m.69 views

CVE-2016-1702

The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data.

6.5CVSS6.7AI score0.0142EPSS
CVE
CVE
added 2016/06/14 2:59 p.m.69 views

CVE-2016-5338

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer.

7.8CVSS7.9AI score0.00097EPSS
CVE
CVE
added 2016/10/13 2:59 p.m.69 views

CVE-2016-7795

The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.

5.5CVSS5.2AI score0.0016EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.69 views

CVE-2017-17934

ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.

6.5CVSS6.3AI score0.00508EPSS
CVE
CVE
added 2018/08/05 3:29 a.m.69 views

CVE-2018-14938

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds ...

9.1CVSS8.9AI score0.00489EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.69 views

CVE-2018-2776

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks ...

4.9CVSS5.1AI score0.00439EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.69 views

CVE-2018-4133

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

6.1CVSS5.7AI score0.00501EPSS
Total number of security vulnerabilities4105