Canonical Ubuntu Linux

4105 matches found

added 2007/10/08 9:17 p.m. | 69 views

CVE-2007-5268

pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 uses (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

CVSS 4.3 | AI score 8.9 | EPSS 0.15258

added 2008/05/29 4:32 p.m. | 69 views

CVE-2008-1672

OpenSSL 0.9.8f and 0.9.8g allow remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.

CVSS 4.3 | AI score 8.1 | EPSS 0.22012

added 2009/06/08 1:0 a.m. | 69 views

CVE-2009-1961

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice...

CVSS 4.7 | AI score 4.4 | EPSS 0.00133

added 2011/12/08 11:55 a.m. | 69 views

CVE-2011-4539

dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.

CVSS 5 | AI score 6.2 | EPSS 0.32265

added 2014/02/05 7:55 p.m. | 69 views

CVE-2011-4613

The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.

CVSS 4.6 | AI score 6 | EPSS 0.00072

added 2012/07/25 10:42 a.m. | 69 views

CVE-2012-3571

ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.

CVSS 6.1 | AI score 6.3 | EPSS 0.22137

added 2012/09/07 10:55 p.m. | 69 views

CVE-2012-4388

The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to impr...

CVSS 4.3 | AI score 6.3 | EPSS 0.09113

added 2013/02/24 9:55 p.m. | 69 views

CVE-2013-0212

store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive info...

CVSS 4 | AI score 5.8 | EPSS 0.01144

added 2013/03/20 4:55 p.m. | 69 views

CVE-2013-1652

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors.

CVSS 4.9 | AI score 6.1 | EPSS 0.00245

added 2020/02/06 3:15 p.m. | 69 views

CVE-2014-1958

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

CVSS 8.8 | AI score 8.3 | EPSS 0.20771

added 2014/05/16 3:55 p.m. | 69 views

CVE-2014-3730

The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\djangoproject.com."

CVSS 4.3 | AI score 6.3 | EPSS 0.00988

added 2014/11/13 9:32 p.m. | 69 views

CVE-2014-8564

The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing r...

CVSS 5 | AI score 6.3 | EPSS 0.00812

added 2017/08/25 6:29 p.m. | 69 views

CVE-2014-9637

GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.

CVSS 7.1 | AI score 5.7 | EPSS 0.00378

added 2015/02/08 11:59 a.m. | 69 views

CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this ...

CVSS 7.5 | AI score 7.9 | EPSS 0.02849

added 2015/02/08 11:59 a.m. | 69 views

CVE-2014-9666

The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact v...

CVSS 6.8 | AI score 7.9 | EPSS 0.01778

added 2017/03/17 2:59 p.m. | 69 views

CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

CVSS 5.5 | AI score 5.7 | EPSS 0.00473

added 2015/05/12 7:59 p.m. | 69 views

CVE-2015-2221

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.

CVSS 5 | AI score 6.2 | EPSS 0.0178

added 2015/03/09 12:59 a.m. | 69 views

CVE-2015-2238

Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVSS 7.5 | AI score 7 | EPSS 0.00107

added 2015/09/06 2:59 a.m. | 69 views

CVE-2015-6824

The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted video data.

CVSS 7.5 | AI score 8.8 | EPSS 0.00887

added 2017/01/06 9:59 p.m. | 69 views

CVE-2016-2367

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle can send an invalid size for an avatar which will trigger an out-of-bounds rea...

CVSS 5.9 | AI score 6.1 | EPSS 0.01445

added 2016/06/14 2:59 p.m. | 69 views

CVE-2016-5338

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer.

CVSS 7.8 | AI score 7.9 | EPSS 0.00097

added 2017/12/14 6:29 a.m. | 69 views

CVE-2017-17680

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.

CVSS 6.5 | AI score 6.5 | EPSS 0.00467

added 2018/08/05 3:29 a.m. | 69 views

CVE-2018-14938

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds ...

CVSS 9.1 | AI score 8.9 | EPSS 0.00489

added 2018/04/19 2:29 a.m. | 69 views

CVE-2018-2769

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Succ...

CVSS 4.9 | AI score 5 | EPSS 0.00439

added 2018/04/03 6:29 a.m. | 69 views

CVE-2018-4096

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affect...

CVSS 8.8 | AI score 7.6 | EPSS 0.00673

added 2018/02/02 9:29 a.m. | 69 views

CVE-2018-6540

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

CVSS 6.5 | AI score 5.5 | EPSS 0.00416

added 2019/09/11 7:15 p.m. | 69 views

CVE-2019-16235

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.

CVSS 7.5 | AI score 7.2 | EPSS 0.00167

added 2019/11/07 4:15 p.m. | 69 views

CVE-2019-18810

A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d.

CVSS 7.8 | AI score 7.7 | EPSS 0.0122

added 2014/02/04 11:55 p.m. | 68 views

CVE-2011-2725

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.

CVSS 6.8 | AI score 6.5 | EPSS 0.00612

added 2012/10/10 5:55 p.m. | 68 views

CVE-2012-4184

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attack...

CVSS 4.3 | AI score 9.1 | EPSS 0.01102

added 2012/10/29 6:55 p.m. | 68 views

CVE-2012-4195

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier ...

CVSS 4.3 | AI score 8.2 | EPSS 0.00962

added 2012/10/29 6:55 p.m. | 68 views

CVE-2012-4196

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats cer...

CVSS 6.4 | AI score 8.8 | EPSS 0.00964

added 2013/02/19 11:55 p.m. | 68 views

CVE-2013-0781

Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

CVSS 9.3 | AI score 7.6 | EPSS 0.01558

added 2013/10/03 9:55 p.m. | 68 views

CVE-2013-1062

ubuntu-system-service 0.2.4 before 0.2.4.1, 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) ...

CVSS 4.6 | AI score 6.2 | EPSS 0.00047

added 2013/10/03 9:55 p.m. | 68 views

CVE-2013-1064

apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (...

CVSS 4.6 | AI score 6.2 | EPSS 0.00061

added 2019/12/31 7:15 p.m. | 68 views

CVE-2013-4357

The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.

CVSS 7.5 | AI score 7.2 | EPSS 0.01161

added 2014/11/20 5:50 p.m. | 68 views

CVE-2014-8768

Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.

CVSS 5 | AI score 8.7 | EPSS 0.33885

added 2014/12/01 3:59 p.m. | 68 views

CVE-2014-9087

Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.

CVSS 7.5 | AI score 6.5 | EPSS 0.05055

added 2017/03/20 4:59 p.m. | 68 views

CVE-2014-9841

The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."

CVSS 9.8 | AI score 7.6 | EPSS 0.01088

added 2017/03/20 4:59 p.m. | 68 views

CVE-2014-9843

The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.

CVSS 9.8 | AI score 7.6 | EPSS 0.01088

added 2015/04/19 10:59 a.m. | 68 views

CVE-2015-1249

Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVSS 7.5 | AI score 6.8 | EPSS 0.01732

added 2015/05/01 10:59 a.m. | 68 views

CVE-2015-1250

Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVSS 7.5 | AI score 6.8 | EPSS 0.01097

added 2015/07/01 2:59 p.m. | 68 views

CVE-2015-1330

unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vect...

CVSS 6.8 | AI score 7.1 | EPSS 0.00087

added 2017/08/25 6:29 p.m. | 68 views

CVE-2015-1395

Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.

CVSS 7.8 | AI score 7.2 | EPSS 0.01515

added 2016/04/18 10:59 a.m. | 68 views

CVE-2016-1655

Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension.

CVSS 8.8 | AI score 9.2 | EPSS 0.03027

added 2016/06/05 11:59 p.m. | 68 views

CVE-2016-1702

The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data.

CVSS 6.5 | AI score 6.7 | EPSS 0.0142

added 2016/04/13 4:59 p.m. | 68 views

CVE-2016-2191

The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.

CVSS 6.5 | AI score 6.2 | EPSS 0.02401

added 2016/10/13 2:59 p.m. | 68 views

CVE-2016-7795

The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.

CVSS 5.5 | AI score 5.2 | EPSS 0.0016

added 2018/07/30 2:29 p.m. | 68 views

CVE-2016-9597

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

CVSS 7.5 | AI score 7 | EPSS 0.01327

added 2017/12/27 5:8 p.m. | 68 views

CVE-2017-17934

ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.

CVSS 6.5 | AI score 6.3 | EPSS 0.00508

Total number of security vulnerabilities: 4105