Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2019/07/04 3:15 p.m.62 views

CVE-2019-13241

FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.

7.8CVSS7.4AI score0.01248EPSS
CVE
CVE
added 2006/05/09 8:2 p.m.61 views

CVE-2006-2275

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."

7.5CVSS7.2AI score0.03168EPSS
CVE
CVE
added 2006/12/20 1:28 a.m.61 views

CVE-2006-6500

Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an i...

6.8CVSS7.7AI score0.37533EPSS
CVE
CVE
added 2007/02/26 8:28 p.m.61 views

CVE-2007-0778

The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when ...

5.4CVSS5.7AI score0.01036EPSS
CVE
CVE
added 2007/07/04 3:30 p.m.61 views

CVE-2007-2949

Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.

6.8CVSS7.4AI score0.32609EPSS
CVE
CVE
added 2008/07/18 4:41 p.m.61 views

CVE-2008-2934

Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.

8.8CVSS9AI score0.05575EPSS
CVE
CVE
added 2013/02/24 7:55 p.m.61 views

CVE-2012-5624

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application.

4.3CVSS5.8AI score0.0147EPSS
CVE
CVE
added 2013/03/26 9:55 p.m.61 views

CVE-2013-0454

The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigg...

4CVSS6.2AI score0.01878EPSS
CVE
CVE
added 2013/03/22 9:55 p.m.61 views

CVE-2013-1838

OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp functi...

4CVSS6.2AI score0.01427EPSS
CVE
CVE
added 2013/03/22 9:55 p.m.61 views

CVE-2013-1865

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.

6.8CVSS6.5AI score0.01162EPSS
CVE
CVE
added 2014/05/08 2:29 p.m.61 views

CVE-2013-4544

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

4.9CVSS7.1AI score0.00133EPSS
Web
CVE
CVE
added 2015/07/26 10:59 p.m.61 views

CVE-2015-1872

The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via craf...

6.8CVSS7AI score0.00725EPSS
CVE
CVE
added 2015/08/16 11:59 p.m.61 views

CVE-2015-3748

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVE...

6.8CVSS8.5AI score0.00998EPSS
CVE
CVE
added 2015/09/08 3:59 p.m.61 views

CVE-2015-5199

Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable.

7.2CVSS6.2AI score0.00022EPSS
CVE
CVE
added 2017/07/08 5:29 p.m.61 views

CVE-2017-11111

In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

7.8CVSS6.9AI score0.00253EPSS
CVE
CVE
added 2018/02/02 2:29 p.m.61 views

CVE-2017-14177

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an...

7.8CVSS7.6AI score0.00109EPSS
CVE
CVE
added 2018/01/12 8:29 p.m.61 views

CVE-2017-18027

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

6.5CVSS6.6AI score0.00615EPSS
CVE
CVE
added 2018/01/12 8:29 p.m.61 views

CVE-2017-18029

In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

6.5CVSS6.6AI score0.00897EPSS
CVE
CVE
added 2018/06/29 2:29 p.m.61 views

CVE-2018-13005

An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.

9.8CVSS9.3AI score0.00593EPSS
CVE
CVE
added 2019/02/06 11:29 p.m.61 views

CVE-2018-20763

In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.

7.8CVSS7.6AI score0.00253EPSS
CVE
CVE
added 2019/02/12 5:29 p.m.61 views

CVE-2018-20781

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.

7.8CVSS7.5AI score0.06715EPSS
CVE
CVE
added 2019/09/11 7:15 p.m.61 views

CVE-2019-16236

Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.

7.5CVSS7.3AI score0.00779EPSS
CVE
CVE
added 2005/09/30 10:5 a.m.60 views

CVE-2005-3106

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.

4.7CVSS4.8AI score0.00078EPSS
CVE
CVE
added 2006/10/05 4:4 a.m.60 views

CVE-2006-5158

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.

7.5CVSS7.1AI score0.03256EPSS
CVE
CVE
added 2008/08/08 7:41 p.m.60 views

CVE-2008-3535

Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the L...

4.9CVSS4.9AI score0.00047EPSS
CVE
CVE
added 2010/09/24 7:0 p.m.60 views

CVE-2010-1773

Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly e...

8.8CVSS9AI score0.01781EPSS
CVE
CVE
added 2014/03/01 12:55 a.m.60 views

CVE-2011-3634

methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors.

2.6CVSS6.2AI score0.00163EPSS
CVE
CVE
added 2013/03/21 5:55 p.m.60 views

CVE-2013-1051

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.

4.3CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2013/08/14 3:55 p.m.60 views

CVE-2013-2126

Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.

7.5CVSS8.1AI score0.03225EPSS
CVE
CVE
added 2014/04/28 2:9 p.m.60 views

CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.

9CVSS6.1AI score0.00523EPSS
CVE
CVE
added 2015/02/08 11:59 a.m.60 views

CVE-2014-9665

The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG fi...

7.5CVSS8.3AI score0.02167EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.60 views

CVE-2014-9844

The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

5.5CVSS5.7AI score0.00308EPSS
CVE
CVE
added 2015/03/09 12:59 a.m.60 views

CVE-2015-1220

Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in...

6.8CVSS6.8AI score0.03072EPSS
CVE
CVE
added 2015/03/24 5:59 p.m.60 views

CVE-2015-2265

The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.

7.5CVSS7.4AI score0.05767EPSS
CVE
CVE
added 2015/08/16 11:59 p.m.60 views

CVE-2015-3731

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVE...

6.8CVSS8.5AI score0.00998EPSS
CVE
CVE
added 2015/08/16 11:59 p.m.60 views

CVE-2015-3752

The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive informatio...

5CVSS6.9AI score0.01115EPSS
CVE
CVE
added 2017/09/12 5:29 p.m.60 views

CVE-2017-14342

ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.

6.5CVSS6.8AI score0.00266EPSS
CVE
CVE
added 2017/12/21 3:29 a.m.60 views

CVE-2017-17812

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack.

5.5CVSS6.1AI score0.00198EPSS
CVE
CVE
added 2017/12/21 3:29 a.m.60 views

CVE-2017-17817

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.

5.5CVSS6.1AI score0.00176EPSS
CVE
CVE
added 2017/12/21 3:29 a.m.60 views

CVE-2017-17818

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.

7.5CVSS7.3AI score0.00683EPSS
CVE
CVE
added 2018/06/29 2:29 p.m.60 views

CVE-2018-13006

An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.

9.8CVSS9.3AI score0.00697EPSS
CVE
CVE
added 2018/12/17 7:29 p.m.60 views

CVE-2018-20185

In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.

5.3CVSS5.2AI score0.00896EPSS
CVE
CVE
added 2018/03/06 6:29 p.m.60 views

CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.

5.5CVSS6.1AI score0.00344EPSS
CVE
CVE
added 2018/03/07 11:29 p.m.60 views

CVE-2018-7752

GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.

7.8CVSS7.5AI score0.00213EPSS
CVE
CVE
added 2005/05/13 4:0 a.m.59 views

CVE-2005-0758

zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

4.6CVSS6.8AI score0.0015EPSS
CVE
CVE
added 2006/08/18 7:55 p.m.59 views

CVE-2005-4807

Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.

7.5CVSS7.8AI score0.13593EPSS
CVE
CVE
added 2007/09/21 7:17 p.m.59 views

CVE-2007-0061

The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to...

10CVSS7.3AI score0.14666EPSS
CVE
CVE
added 2014/01/18 9:55 p.m.59 views

CVE-2013-2037

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary va...

2.6CVSS6.3AI score0.00492EPSS
CVE
CVE
added 2013/10/27 12:55 a.m.59 views

CVE-2013-4428

OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an imag...

3.5CVSS6.1AI score0.00207EPSS
CVE
CVE
added 2013/11/23 11:55 a.m.59 views

CVE-2013-4474

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.

5CVSS7.1AI score0.29757EPSS
Total number of security vulnerabilities4105