Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2013/10/09 2:54 p.m.57 views

CVE-2013-4256

Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in...

4.6CVSS7.7AI score0.00144EPSS
CVE
CVE
added 2013/07/18 4:51 p.m.57 views

CVE-2013-4668

Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory structure" action, related to fr-archiv...

5CVSS6.5AI score0.03981EPSS
CVE
CVE
added 2014/03/14 3:55 p.m.57 views

CVE-2013-6476

The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.

4.4CVSS6.2AI score0.00115EPSS
CVE
CVE
added 2014/07/11 2:55 p.m.57 views

CVE-2014-4167

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

3.5CVSS6.1AI score0.00558EPSS
CVE
CVE
added 2014/11/05 11:55 a.m.57 views

CVE-2014-8544

libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data.

7.5CVSS8.8AI score0.01036EPSS
CVE
CVE
added 2014/11/05 11:55 a.m.57 views

CVE-2014-8548

Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data.

7.5CVSS8.9AI score0.00712EPSS
CVE
CVE
added 2015/04/08 6:59 p.m.57 views

CVE-2015-1317

Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by deleting all WebContents while a RenderProcessHost instance still exists.

7.5CVSS8.1AI score0.01436EPSS
CVE
CVE
added 2015/09/01 2:59 p.m.57 views

CVE-2015-6727

The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

5CVSS6.6AI score0.006EPSS
CVE
CVE
added 2017/09/18 1:29 a.m.57 views

CVE-2017-14533

ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.

6.5CVSS7AI score0.00467EPSS
CVE
CVE
added 2017/10/05 7:29 a.m.57 views

CVE-2017-15032

ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

9.8CVSS9.1AI score0.00316EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.57 views

CVE-2017-15217

ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

6.5CVSS7AI score0.00534EPSS
CVE
CVE
added 2017/06/07 5:29 a.m.57 views

CVE-2017-9473

In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

5.5CVSS6.7AI score0.00262EPSS
CVE
CVE
added 2018/06/01 3:29 p.m.57 views

CVE-2018-11655

In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.

6.5CVSS6.5AI score0.00106EPSS
CVE
CVE
added 2018/04/03 10:29 p.m.57 views

CVE-2018-9240

ncmpc through 0.29 is prone to a NULL pointer dereference flaw. If a user uses the chat screen and another client sends a long chat message, a crash and denial of service could occur.

7.5CVSS7.2AI score0.00436EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.56 views

CVE-2004-1063

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue ...

10CVSS6.3AI score0.03026EPSS
CVE
CVE
added 2007/09/21 7:17 p.m.56 views

CVE-2007-4497

Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users wit...

5.5CVSS6.1AI score0.00318EPSS
CVE
CVE
added 2010/02/02 4:30 p.m.56 views

CVE-2009-4013

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control ...

9.8CVSS9.3AI score0.00836EPSS
CVE
CVE
added 2010/08/24 8:0 p.m.56 views

CVE-2010-3116

Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to impr...

10CVSS9.2AI score0.12275EPSS
CVE
CVE
added 2011/03/25 7:55 p.m.56 views

CVE-2011-1400

The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute ...

6.8CVSS7.5AI score0.02061EPSS
CVE
CVE
added 2011/11/29 5:55 p.m.56 views

CVE-2011-4405

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack...

7.5CVSS7.5AI score0.01967EPSS
CVE
CVE
added 2013/12/14 5:21 p.m.56 views

CVE-2013-6391

The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2toke...

5.8CVSS6.6AI score0.00495EPSS
CVE
CVE
added 2014/03/11 7:37 p.m.56 views

CVE-2014-0004

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.

6.9CVSS7.4AI score0.00057EPSS
CVE
CVE
added 2014/08/19 6:55 p.m.56 views

CVE-2014-4615

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/m...

5CVSS5.9AI score0.0075EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.56 views

CVE-2014-6418

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor.

7.1CVSS7.7AI score0.05251EPSS
CVE
CVE
added 2015/03/09 12:59 a.m.56 views

CVE-2015-1216

Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...

7.5CVSS6.7AI score0.01073EPSS
CVE
CVE
added 2017/07/25 6:29 p.m.56 views

CVE-2015-1332

The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted website.

8.8CVSS8.7AI score0.01138EPSS
CVE
CVE
added 2015/01/22 10:59 p.m.56 views

CVE-2015-1346

Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.5AI score0.00313EPSS
CVE
CVE
added 2015/06/08 2:59 p.m.56 views

CVE-2015-3905

Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.

7.5CVSS7.7AI score0.04715EPSS
CVE
CVE
added 2018/05/31 4:29 p.m.56 views

CVE-2018-11625

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

8.8CVSS8.1AI score0.00193EPSS
CVE
CVE
added 2018/07/01 10:29 p.m.56 views

CVE-2018-13043

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

9.8CVSS9.4AI score0.01277EPSS
CVE
CVE
added 2019/02/06 11:29 p.m.56 views

CVE-2018-20761

GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.

7.8CVSS7.5AI score0.00293EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.56 views

CVE-2018-5807

An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

8.8CVSS7AI score0.00481EPSS
CVE
CVE
added 2019/03/29 5:29 a.m.56 views

CVE-2019-10269

BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.

10CVSS9.4AI score0.00833EPSS
CVE
CVE
added 2020/08/06 11:15 p.m.56 views

CVE-2020-15701

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7....

5.5CVSS5.4AI score0.0013EPSS
CVE
CVE
added 2024/06/04 10:15 p.m.56 views

CVE-2022-28655

is_closing_session() allows users to create arbitrary tcp dbus connections

7.1CVSS6.6AI score0.00039EPSS
CVE
CVE
added 2007/03/21 7:19 p.m.55 views

CVE-2007-1562

The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.

6.8CVSS5.5AI score0.29035EPSS
CVE
CVE
added 2007/09/21 7:17 p.m.55 views

CVE-2007-5023

Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privile...

6.9CVSS6.7AI score0.00072EPSS
CVE
CVE
added 2008/05/16 12:54 p.m.55 views

CVE-2008-2009

Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.

4.3CVSS6.5AI score0.0434EPSS
CVE
CVE
added 2010/07/06 5:17 p.m.55 views

CVE-2010-2648

The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

9.3CVSS8.9AI score0.02851EPSS
CVE
CVE
added 2010/09/07 6:0 p.m.55 views

CVE-2010-3259

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sens...

4.3CVSS7.8AI score0.00823EPSS
CVE
CVE
added 2012/06/07 9:55 p.m.55 views

CVE-2012-0948

DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.

2.1CVSS6.3AI score0.00053EPSS
Web
CVE
CVE
added 2014/05/21 2:55 p.m.55 views

CVE-2012-1166

The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.

10CVSS7.6AI score0.04374EPSS
CVE
CVE
added 2013/04/03 12:55 a.m.55 views

CVE-2012-6129

Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets."

7.5CVSS8AI score0.02677EPSS
CVE
CVE
added 2013/02/13 1:55 a.m.55 views

CVE-2013-0241

The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained from third party information.

2.1CVSS6AI score0.00059EPSS
CVE
CVE
added 2013/10/03 9:55 p.m.55 views

CVE-2013-1061

dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before 0.92.17.3, 0.92.9 before 0.92.9.3, and 0.82.7 before 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess...

4.6CVSS6.1AI score0.00062EPSS
CVE
CVE
added 2014/06/01 4:29 a.m.55 views

CVE-2014-3925

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive info...

5CVSS7.2AI score0.00344EPSS
CVE
CVE
added 2016/04/20 4:59 p.m.55 views

CVE-2015-7801

Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers to execute arbitrary code via a crafted PNG file.

9.3CVSS8.6AI score0.02392EPSS
CVE
CVE
added 2016/06/09 4:59 p.m.55 views

CVE-2016-1581

LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.

5.5CVSS5.2AI score0.00035EPSS
CVE
CVE
added 2016/06/13 7:59 p.m.55 views

CVE-2016-4353

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

7.5CVSS7.2AI score0.00796EPSS
CVE
CVE
added 2016/06/13 7:59 p.m.55 views

CVE-2016-4355

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

7.5CVSS7.3AI score0.00791EPSS
Total number of security vulnerabilities4105