Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2018/02/02 9:29 a.m.69 views

CVE-2018-6540

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.5AI score0.00416EPSS
CVE
CVE
added 2019/09/11 7:15 p.m.69 views

CVE-2019-16235

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.

7.5CVSS7.2AI score0.00304EPSS
CVE
CVE
added 2006/08/31 9:4 p.m.68 views

CVE-2006-4482

Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990.

9.3CVSS6.7AI score0.06787EPSS
CVE
CVE
added 2008/08/08 7:41 p.m.68 views

CVE-2008-1945

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.

2.1CVSS7.3AI score0.00112EPSS
CVE
CVE
added 2008/09/24 8:37 p.m.68 views

CVE-2008-4058

The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.

7.5CVSS9.8AI score0.02428EPSS
CVE
CVE
added 2010/03/15 2:15 p.m.68 views

CVE-2010-0050

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.

9.3CVSS8.6AI score0.45126EPSS
CVE
CVE
added 2014/02/04 11:55 p.m.68 views

CVE-2011-2725

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.

6.8CVSS6.5AI score0.00612EPSS
CVE
CVE
added 2013/02/19 11:55 p.m.68 views

CVE-2013-0781

Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

9.3CVSS7.6AI score0.01558EPSS
CVE
CVE
added 2013/10/03 9:55 p.m.68 views

CVE-2013-1062

ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) ...

4.6CVSS6.2AI score0.00047EPSS
CVE
CVE
added 2013/09/16 7:14 p.m.68 views

CVE-2013-4202

The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due ...

4.3CVSS6.4AI score0.03256EPSS
Web
CVE
CVE
added 2019/12/31 7:15 p.m.68 views

CVE-2013-4357

The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.

7.5CVSS7.2AI score0.01161EPSS
CVE
CVE
added 2014/11/20 5:50 p.m.68 views

CVE-2014-8768

Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.

5CVSS8.7AI score0.33885EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.68 views

CVE-2014-9841

The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."

9.8CVSS7.6AI score0.01088EPSS
CVE
CVE
added 2017/08/25 6:29 p.m.68 views

CVE-2015-1395

Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.

7.8CVSS7.2AI score0.01515EPSS
CVE
CVE
added 2016/02/23 7:59 p.m.68 views

CVE-2015-8803

The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015...

9.8CVSS8.6AI score0.12343EPSS
CVE
CVE
added 2016/04/18 10:59 a.m.68 views

CVE-2016-1655

Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension.

8.8CVSS9.2AI score0.03027EPSS
CVE
CVE
added 2016/04/13 4:59 p.m.68 views

CVE-2016-2191

The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.

6.5CVSS6.2AI score0.02401EPSS
CVE
CVE
added 2018/01/12 8:29 p.m.68 views

CVE-2017-18028

In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.

7.1CVSS6.6AI score0.00728EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.68 views

CVE-2018-2780

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

6.5CVSS5.6AI score0.00571EPSS
CVE
CVE
added 2018/03/06 6:29 p.m.68 views

CVE-2018-7728

An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.

5.5CVSS5.5AI score0.00303EPSS
CVE
CVE
added 2019/09/11 7:15 p.m.68 views

CVE-2019-16237

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.

7.5CVSS7.3AI score0.00405EPSS
CVE
CVE
added 2024/06/04 10:15 p.m.68 views

CVE-2022-28658

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing

5.5CVSS6.6AI score0.00041EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.67 views

CVE-2004-1064

The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. Thi...

10CVSS6.2AI score0.02834EPSS
CVE
CVE
added 2006/08/21 9:4 p.m.67 views

CVE-2006-4093

Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."

4.9CVSS7AI score0.00062EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.67 views

CVE-2006-5868

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

9.3CVSS6.2AI score0.01166EPSS
CVE
CVE
added 2007/09/18 9:17 p.m.67 views

CVE-2007-2834

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of me...

9.3CVSS7.7AI score0.12957EPSS
CVE
CVE
added 2008/06/24 7:41 p.m.67 views

CVE-2008-2725

Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the "...

7.8CVSS7AI score
CVE
CVE
added 2008/10/15 8:8 p.m.67 views

CVE-2008-4582

Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive informat...

4.3CVSS9.3AI score0.3558EPSS
Web
CVE
CVE
added 2009/03/14 6:30 p.m.67 views

CVE-2009-0586

Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a b...

7.5CVSS7.8AI score0.03754EPSS
CVE
CVE
added 2010/07/12 4:30 p.m.67 views

CVE-2010-0832

pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to "use...

6.9CVSS6.1AI score0.00524EPSS
CVE
CVE
added 2012/10/12 10:44 a.m.67 views

CVE-2012-4193

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same O...

6.8CVSS9AI score0.01406EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.67 views

CVE-2012-4217

Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

9.3CVSS8.8AI score0.02868EPSS
CVE
CVE
added 2012/11/11 1:0 p.m.67 views

CVE-2012-4564

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.

6.8CVSS8.7AI score0.2646EPSS
CVE
CVE
added 2013/03/20 4:55 p.m.67 views

CVE-2013-1653

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via...

7.1CVSS7.2AI score0.01548EPSS
CVE
CVE
added 2013/08/20 10:55 p.m.67 views

CVE-2013-4130

The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attackers to cause a denial of service (reachable assertion and server exit) by triggering a network error...

5CVSS6.3AI score0.01102EPSS
CVE
CVE
added 2014/04/30 10:49 a.m.67 views

CVE-2014-1519

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

9.3CVSS9.7AI score0.01916EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.67 views

CVE-2014-9849

The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

7.5CVSS7.1AI score0.01602EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.67 views

CVE-2014-9851

ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

7.5CVSS7.1AI score0.02032EPSS
CVE
CVE
added 2016/02/23 7:59 p.m.67 views

CVE-2015-8804

x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.

9.8CVSS8.5AI score0.11875EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.67 views

CVE-2016-0595

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.

4CVSS5.5AI score0.00722EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.67 views

CVE-2016-2373

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability.

5.9CVSS6.2AI score0.01915EPSS
CVE
CVE
added 2016/12/17 3:59 a.m.67 views

CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

9.3CVSS7.7AI score0.16283EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.67 views

CVE-2017-16909

An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

8.8CVSS8.4AI score0.00543EPSS
CVE
CVE
added 2017/12/21 3:29 a.m.67 views

CVE-2017-17816

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.

5.5CVSS6.1AI score0.00175EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.67 views

CVE-2017-17884

In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.

6.5CVSS6.5AI score0.0045EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.67 views

CVE-2017-17885

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.

6.5CVSS6.5AI score0.0045EPSS
CVE
CVE
added 2018/03/01 9:29 p.m.67 views

CVE-2017-18209

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

8.8CVSS7AI score0.00369EPSS
CVE
CVE
added 2018/03/15 7:29 p.m.67 views

CVE-2017-18236

An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.

5.5CVSS5.7AI score0.01138EPSS
CVE
CVE
added 2018/02/02 9:29 a.m.67 views

CVE-2018-6541

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.4AI score0.00442EPSS
CVE
CVE
added 2018/12/07 11:29 p.m.67 views

CVE-2018-9518

In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kerne...

7.8CVSS7.6AI score0.00074EPSS
Total number of security vulnerabilities4105