Lucene search

K
CanonicalUbuntu Linux

4098 matches found

CVE
CVE
added 2014/05/21 2:55 p.m.54 views

CVE-2012-1166

The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.

10CVSS7.6AI score0.04374EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.54 views

CVE-2012-5830

Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.

8.8CVSS8.9AI score0.01446EPSS
CVE
CVE
added 2013/04/29 10:55 p.m.54 views

CVE-2013-1927

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."

6.8CVSS7.4AI score0.02192EPSS
CVE
CVE
added 2014/07/11 2:55 p.m.54 views

CVE-2014-4167

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

3.5CVSS6.1AI score0.00558EPSS
CVE
CVE
added 2014/11/05 11:55 a.m.54 views

CVE-2014-8548

Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data.

7.5CVSS8.9AI score0.00712EPSS
CVE
CVE
added 2016/04/20 4:59 p.m.54 views

CVE-2015-7801

Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers to execute arbitrary code via a crafted PNG file.

9.3CVSS8.6AI score0.06761EPSS
CVE
CVE
added 2016/06/09 4:59 p.m.54 views

CVE-2016-1581

LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.

5.5CVSS5.2AI score0.00035EPSS
CVE
CVE
added 2016/06/13 7:59 p.m.54 views

CVE-2016-4353

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

7.5CVSS7.2AI score0.00796EPSS
CVE
CVE
added 2016/12/17 3:59 a.m.54 views

CVE-2016-9950

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this pa...

9.3CVSS7.6AI score0.02361EPSS
CVE
CVE
added 2017/10/05 7:29 a.m.54 views

CVE-2017-15032

ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

9.8CVSS9.1AI score0.00316EPSS
CVE
CVE
added 2017/12/21 3:29 a.m.54 views

CVE-2017-17815

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts.

5.5CVSS6.1AI score0.00198EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.54 views

CVE-2017-17886

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.

6.5CVSS6.3AI score0.00447EPSS
CVE
CVE
added 2018/05/31 4:29 p.m.54 views

CVE-2018-11625

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

8.8CVSS8.1AI score0.00193EPSS
CVE
CVE
added 2018/07/01 10:29 p.m.54 views

CVE-2018-13043

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

9.8CVSS9.4AI score0.01277EPSS
CVE
CVE
added 2019/02/06 11:29 p.m.54 views

CVE-2018-20761

GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.

7.8CVSS7.5AI score0.00251EPSS
CVE
CVE
added 2018/02/27 10:29 p.m.54 views

CVE-2018-7548

In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.

9.8CVSS8.4AI score0.00222EPSS
CVE
CVE
added 2007/09/21 7:17 p.m.53 views

CVE-2007-4496

Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authentic...

6.5CVSS7AI score0.00336EPSS
CVE
CVE
added 2008/12/17 11:30 p.m.53 views

CVE-2008-5502

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions.

5CVSS9.2AI score0.02809EPSS
CVE
CVE
added 2010/07/06 5:17 p.m.53 views

CVE-2010-2648

The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

9.3CVSS8.9AI score0.02851EPSS
CVE
CVE
added 2010/08/24 8:0 p.m.53 views

CVE-2010-3113

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonControll...

10CVSS9.2AI score0.03062EPSS
CVE
CVE
added 2013/04/03 12:55 a.m.53 views

CVE-2012-6129

Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets."

7.5CVSS8AI score0.02677EPSS
CVE
CVE
added 2014/07/29 2:55 p.m.53 views

CVE-2014-4909

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

6.8CVSS7.7AI score0.09187EPSS
CVE
CVE
added 2015/03/09 12:59 a.m.53 views

CVE-2015-1216

Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...

7.5CVSS6.7AI score0.01073EPSS
CVE
CVE
added 2015/06/08 2:59 p.m.53 views

CVE-2015-3905

Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.

7.5CVSS7.7AI score0.04715EPSS
CVE
CVE
added 2016/06/30 5:59 p.m.53 views

CVE-2016-5360

HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.

7.5CVSS7.9AI score0.46077EPSS
CVE
CVE
added 2017/09/18 1:29 a.m.53 views

CVE-2017-14533

ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.

6.5CVSS7AI score0.00467EPSS
CVE
CVE
added 2018/06/01 3:29 p.m.53 views

CVE-2018-11655

In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.

6.5CVSS6.5AI score0.00253EPSS
CVE
CVE
added 2018/01/12 9:29 a.m.53 views

CVE-2018-5358

ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.

6.5CVSS6.9AI score0.00406EPSS
CVE
CVE
added 2019/11/13 6:15 p.m.53 views

CVE-2019-2214

In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ...

7.8CVSS8AI score0.00054EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.52 views

CVE-2005-1111

Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.

4.7CVSS4.4AI score0.00075EPSS
CVE
CVE
added 2007/01/10 12:0 a.m.52 views

CVE-2006-6143

The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possi...

9.3CVSS7.5AI score0.28213EPSS
CVE
CVE
added 2008/03/06 9:44 p.m.52 views

CVE-2008-1195

Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java A...

9.3CVSS8.4AI score0.19387EPSS
CVE
CVE
added 2008/05/16 12:54 p.m.52 views

CVE-2008-2009

Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.

4.3CVSS6.5AI score0.0434EPSS
CVE
CVE
added 2010/09/07 6:0 p.m.52 views

CVE-2010-3248

Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors.

5CVSS9.1AI score0.00435EPSS
CVE
CVE
added 2010/09/07 6:0 p.m.52 views

CVE-2010-3257

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus.

9.3CVSS9AI score0.12151EPSS
CVE
CVE
added 2011/02/23 7:0 p.m.52 views

CVE-2011-0725

Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface.

4.9CVSS6.3AI score0.00054EPSS
CVE
CVE
added 2014/03/06 3:55 p.m.52 views

CVE-2011-3153

dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.

1.9CVSS6.1AI score0.00052EPSS
CVE
CVE
added 2014/05/14 12:55 a.m.52 views

CVE-2011-4407

ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository.

4.3CVSS6.3AI score0.00134EPSS
CVE
CVE
added 2013/02/13 1:55 a.m.52 views

CVE-2013-0241

The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained from third party information.

2.1CVSS6AI score0.00059EPSS
CVE
CVE
added 2013/10/03 9:55 p.m.52 views

CVE-2013-1061

dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess...

4.6CVSS6.1AI score0.00062EPSS
CVE
CVE
added 2013/12/14 5:21 p.m.52 views

CVE-2013-6391

The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2toke...

5.8CVSS6.6AI score0.00495EPSS
CVE
CVE
added 2014/03/11 7:37 p.m.52 views

CVE-2014-0004

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.

6.9CVSS7.4AI score0.00057EPSS
CVE
CVE
added 2014/07/24 2:55 p.m.52 views

CVE-2014-1419

Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

6.9CVSS6.3AI score0.00035EPSS
CVE
CVE
added 2015/05/19 6:59 p.m.52 views

CVE-2015-3407

Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files.

5CVSS7.3AI score0.00415EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.52 views

CVE-2017-15217

ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

6.5CVSS7AI score0.00534EPSS
CVE
CVE
added 2017/04/12 10:59 p.m.52 views

CVE-2017-5936

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.

7.5CVSS7.5AI score0.02467EPSS
CVE
CVE
added 2018/03/06 6:29 p.m.52 views

CVE-2018-7731

An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class.

5.5CVSS6AI score0.00478EPSS
CVE
CVE
added 2020/08/06 11:15 p.m.52 views

CVE-2020-15702

TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges...

7CVSS7AI score0.00089EPSS
CVE
CVE
added 2007/03/21 7:19 p.m.51 views

CVE-2007-1562

The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.

6.8CVSS5.5AI score0.29035EPSS
CVE
CVE
added 2010/02/02 4:30 p.m.51 views

CVE-2009-4013

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control ...

9.8CVSS9.3AI score0.00836EPSS
Total number of security vulnerabilities4098