Lucene search

K
CanonicalUbuntu Linux

4105 matches found

cve
cve
added 2018/05/25 2:29 p.m.68 views

CVE-2018-11469

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.

5.9CVSS5.8AI score0.0003EPSS
cve
cve
added 2018/12/20 9:29 p.m.68 views

CVE-2018-20216

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).

7.5CVSS7.2AI score0.02783EPSS
cve
cve
added 2018/04/19 2:29 a.m.68 views

CVE-2018-2778

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

4.9CVSS5AI score0.00439EPSS
cve
cve
added 2018/04/03 6:29 a.m.68 views

CVE-2018-4133

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

6.1CVSS5.7AI score0.00501EPSS
cve
cve
added 2018/03/06 6:29 p.m.68 views

CVE-2018-7728

An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.

5.5CVSS5.5AI score0.00303EPSS
cve
cve
added 2019/09/11 7:15 p.m.68 views

CVE-2019-16237

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.

7.5CVSS7.3AI score0.00405EPSS
cve
cve
added 2024/06/04 10:15 p.m.68 views

CVE-2022-28658

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing

5.5CVSS6.6AI score0.00041EPSS
cve
cve
added 2005/01/10 5:0 a.m.67 views

CVE-2004-1064

The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. Thi...

10CVSS6.2AI score0.02834EPSS
cve
cve
added 2007/06/11 10:30 p.m.67 views

CVE-2007-2875

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

2.1CVSS5.5AI score0.00094EPSS
Web
cve
cve
added 2008/10/15 8:8 p.m.67 views

CVE-2008-4582

Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive informat...

4.3CVSS9.3AI score0.3558EPSS
cve
cve
added 2008/12/17 11:30 p.m.67 views

CVE-2008-5501

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.

5CVSS9.2AI score0.04539EPSS
cve
cve
added 2010/03/15 2:15 p.m.67 views

CVE-2010-0050

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.

9.3CVSS8.6AI score0.45126EPSS
cve
cve
added 2012/11/21 12:55 p.m.67 views

CVE-2012-4217

Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

9.3CVSS8.8AI score0.02868EPSS
cve
cve
added 2012/11/11 1:0 p.m.67 views

CVE-2012-4564

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.

6.8CVSS8.7AI score0.2646EPSS
cve
cve
added 2013/03/20 4:55 p.m.67 views

CVE-2013-1653

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via...

7.1CVSS7.2AI score0.01548EPSS
cve
cve
added 2014/06/02 3:55 p.m.67 views

CVE-2013-6433

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.

7.6CVSS6.6AI score0.01893EPSS
cve
cve
added 2014/04/30 10:49 a.m.67 views

CVE-2014-1519

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

9.3CVSS9.7AI score0.01916EPSS
cve
cve
added 2017/03/20 4:59 p.m.67 views

CVE-2014-9849

The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

7.5CVSS7.1AI score0.01602EPSS
cve
cve
added 2017/03/20 4:59 p.m.67 views

CVE-2014-9851

ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

7.5CVSS7.1AI score0.02032EPSS
cve
cve
added 2016/02/23 7:59 p.m.67 views

CVE-2015-8803

The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015...

9.8CVSS8.6AI score0.12343EPSS
cve
cve
added 2016/01/21 3:2 a.m.67 views

CVE-2016-0607

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.

2.8CVSS5.5AI score0.00834EPSS
cve
cve
added 2016/06/05 11:59 p.m.67 views

CVE-2016-1692

WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a...

5.3CVSS5.9AI score0.00748EPSS
cve
cve
added 2016/12/17 3:59 a.m.67 views

CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

9.3CVSS7.7AI score0.16283EPSS
Web
cve
cve
added 2017/12/27 5:8 p.m.67 views

CVE-2017-17884

In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.

6.5CVSS6.5AI score0.0045EPSS
cve
cve
added 2018/01/12 8:29 p.m.67 views

CVE-2017-18028

In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.

7.1CVSS6.6AI score0.00728EPSS
cve
cve
added 2018/03/01 9:29 p.m.67 views

CVE-2017-18209

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

8.8CVSS7AI score0.00389EPSS
cve
cve
added 2018/03/15 7:29 p.m.67 views

CVE-2017-18236

An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.

5.5CVSS5.7AI score0.00173EPSS
cve
cve
added 2018/04/19 2:29 a.m.67 views

CVE-2018-2776

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks ...

4.9CVSS5.1AI score0.00439EPSS
cve
cve
added 2018/02/02 9:29 a.m.67 views

CVE-2018-6541

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.4AI score0.00442EPSS
cve
cve
added 2018/12/07 11:29 p.m.67 views

CVE-2018-9518

In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kerne...

7.8CVSS7.6AI score0.00076EPSS
cve
cve
added 2020/12/09 4:15 a.m.67 views

CVE-2020-27349

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.

5.5CVSS5.3AI score0.00045EPSS
cve
cve
added 2025/03/25 1:15 p.m.67 views

CVE-2022-1804

accountsservice no longer drops permissions when writting .pam_environment

5.5CVSS4AI score0.00019EPSS
cve
cve
added 2006/08/18 7:55 p.m.66 views

CVE-2005-4808

Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.

7.6CVSS6.5AI score0.01131EPSS
cve
cve
added 2006/08/21 9:4 p.m.66 views

CVE-2006-4093

Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."

4.9CVSS7AI score0.00062EPSS
cve
cve
added 2006/11/22 1:7 a.m.66 views

CVE-2006-5868

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

9.3CVSS6.2AI score0.01166EPSS
cve
cve
added 2007/09/21 7:17 p.m.66 views

CVE-2007-0063

Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allow...

10CVSS7.4AI score0.0759EPSS
cve
cve
added 2008/08/08 7:41 p.m.66 views

CVE-2008-1945

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.

2.1CVSS7.3AI score0.00112EPSS
Web
cve
cve
added 2008/06/24 7:41 p.m.66 views

CVE-2008-2725

Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the "...

7.8CVSS7AI score0.04012EPSS
cve
cve
added 2008/09/24 8:37 p.m.66 views

CVE-2008-4058

The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.

7.5CVSS9.8AI score0.04454EPSS
cve
cve
added 2009/03/14 6:30 p.m.66 views

CVE-2009-0586

Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a b...

7.5CVSS7.8AI score0.03754EPSS
cve
cve
added 2010/07/12 4:30 p.m.66 views

CVE-2010-0832

pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to "use...

6.9CVSS6.1AI score0.00441EPSS
cve
cve
added 2015/03/09 12:59 a.m.66 views

CVE-2015-1229

net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.

5CVSS6AI score0.00317EPSS
cve
cve
added 2019/11/29 9:15 p.m.66 views

CVE-2015-3406

The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.

7.5CVSS7.2AI score0.01351EPSS
cve
cve
added 2015/08/16 11:59 p.m.66 views

CVE-2015-3749

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVE...

6.8CVSS8.5AI score0.00998EPSS
cve
cve
added 2015/09/08 3:59 p.m.66 views

CVE-2015-5200

The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors.

6.3CVSS6.1AI score0.00044EPSS
cve
cve
added 2016/01/21 3:2 a.m.66 views

CVE-2016-0595

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.

4CVSS5.5AI score0.00722EPSS
cve
cve
added 2016/02/12 5:59 a.m.66 views

CVE-2016-2326

Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.

8.8CVSS8.8AI score0.01072EPSS
cve
cve
added 2017/01/06 9:59 p.m.66 views

CVE-2016-2373

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability.

5.9CVSS6.2AI score0.01448EPSS
Web
cve
cve
added 2016/06/14 2:59 p.m.66 views

CVE-2016-5238

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.

4.4CVSS6.1AI score0.00071EPSS
cve
cve
added 2017/10/05 7:29 a.m.66 views

CVE-2017-15033

ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.

7.5CVSS8.2AI score0.00257EPSS
Total number of security vulnerabilities4105