Lucene search

K
CanonicalUbuntu Linux

4098 matches found

CVE
CVE
added 2010/08/24 8:0 p.m.51 views

CVE-2010-3116

Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to impr...

10CVSS9.2AI score0.12275EPSS
CVE
CVE
added 2019/11/21 2:15 p.m.51 views

CVE-2012-3543

mono 2.10.x ASP.NET Web Form Hash collision DoS

7.5CVSS7.3AI score0.01146EPSS
CVE
CVE
added 2013/04/29 10:55 p.m.51 views

CVE-2013-1926

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.

5.8CVSS6.2AI score0.00702EPSS
CVE
CVE
added 2014/06/01 4:29 a.m.51 views

CVE-2014-3925

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive info...

5CVSS7.2AI score0.00344EPSS
CVE
CVE
added 2014/11/05 11:55 a.m.51 views

CVE-2014-8547

libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data.

7.5CVSS8.9AI score0.00765EPSS
CVE
CVE
added 2015/12/07 8:59 p.m.51 views

CVE-2015-1342

LXCFS before 0.12 does not properly enforce directory escapes, which might allow local users to gain privileges by (1) querying or (2) updating a cgroup.

4.6CVSS6.6AI score0.00056EPSS
CVE
CVE
added 2016/06/09 4:59 p.m.51 views

CVE-2016-1582

LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users to access arbitrary world readable paths in the container directory via unspecified vectors.

5.5CVSS5.2AI score0.0004EPSS
CVE
CVE
added 2016/06/13 7:59 p.m.51 views

CVE-2016-4355

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

7.5CVSS7.3AI score0.00791EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.51 views

CVE-2018-5807

An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

8.8CVSS7AI score0.00491EPSS
CVE
CVE
added 2018/03/28 8:29 p.m.51 views

CVE-2018-8885

screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call.

7CVSS6.5AI score0.0004EPSS
CVE
CVE
added 2006/10/17 10:7 p.m.50 views

CVE-2006-5173

Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a S...

2.1CVSS7AI score0.00065EPSS
CVE
CVE
added 2013/05/21 6:55 p.m.50 views

CVE-2007-6746

telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or (3) the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...

5.8CVSS6.3AI score0.0025EPSS
CVE
CVE
added 2009/09/10 9:30 p.m.50 views

CVE-2009-2797

The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server.

5CVSS8.1AI score0.0196EPSS
CVE
CVE
added 2012/11/21 12:55 p.m.50 views

CVE-2012-4204

The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

9.3CVSS8.9AI score0.03013EPSS
CVE
CVE
added 2013/04/02 3:22 a.m.50 views

CVE-2013-0240

Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.5, does not properly validate SSL certificates when creating accounts such as Windows Live and Facebook accounts, which allows man-in-the-middle attackers to obtain sensitive information such as credentials by sniffing the ...

4.3CVSS5.8AI score0.00476EPSS
CVE
CVE
added 2013/10/03 9:55 p.m.50 views

CVE-2013-1063

usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1)...

4.6CVSS6.2AI score0.00061EPSS
CVE
CVE
added 2013/10/03 9:55 p.m.50 views

CVE-2013-1066

language-selector 0.110.x before 0.110.1, 0.90.x before 0.90.1, and 0.79.x before 0.79.4 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) se...

4.6CVSS6.2AI score0.00062EPSS
CVE
CVE
added 2016/04/21 2:59 p.m.50 views

CVE-2013-7449

The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

6.5CVSS6.3AI score0.00297EPSS
CVE
CVE
added 2014/08/19 6:55 p.m.50 views

CVE-2014-4615

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/m...

5CVSS5.9AI score0.0075EPSS
CVE
CVE
added 2015/04/29 8:59 p.m.50 views

CVE-2015-1322

Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or read arbitrary files via a ....

4.6CVSS6.2AI score0.00023EPSS
CVE
CVE
added 2015/01/22 10:59 p.m.50 views

CVE-2015-1346

Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.5AI score0.00313EPSS
CVE
CVE
added 2018/02/02 2:29 p.m.50 views

CVE-2017-14180

Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than ...

7.8CVSS7.5AI score0.00052EPSS
CVE
CVE
added 2017/06/07 5:29 a.m.50 views

CVE-2017-9471

In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

5.5CVSS6.8AI score0.00242EPSS
CVE
CVE
added 2010/07/06 5:17 p.m.49 views

CVE-2010-2647

Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.

9.3CVSS9.5AI score0.01701EPSS
CVE
CVE
added 2010/09/07 6:0 p.m.49 views

CVE-2010-3259

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sens...

4.3CVSS7.8AI score0.00823EPSS
CVE
CVE
added 2013/11/23 11:55 a.m.49 views

CVE-2010-3443

ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message.

5CVSS6.6AI score0.0119EPSS
CVE
CVE
added 2014/03/14 3:55 p.m.49 views

CVE-2013-6473

Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.

6.8CVSS7.5AI score0.06837EPSS
CVE
CVE
added 2014/11/05 11:55 a.m.49 views

CVE-2014-8543

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data.

7.5CVSS8.9AI score0.01402EPSS
CVE
CVE
added 2017/08/25 6:29 p.m.49 views

CVE-2015-1324

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privi...

7.8CVSS7.6AI score0.00109EPSS
CVE
CVE
added 2017/09/20 4:29 p.m.49 views

CVE-2015-1329

Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15.04 and 14.04 LTS might allow remote attackers to execute arbitrary code.

9.3CVSS9.5AI score0.02247EPSS
CVE
CVE
added 2016/04/13 4:59 p.m.49 views

CVE-2016-3982

Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.

8.8CVSS8.9AI score0.02288EPSS
CVE
CVE
added 2016/06/13 7:59 p.m.49 views

CVE-2016-4574

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.

7.5CVSS7.3AI score0.0109EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.49 views

CVE-2018-5812

An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.

6.5CVSS6.3AI score0.00514EPSS
CVE
CVE
added 2006/11/07 6:7 p.m.48 views

CVE-2006-5779

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.

7.5CVSS7.2AI score0.51898EPSS
CVE
CVE
added 2010/09/09 10:0 p.m.48 views

CVE-2010-1781

Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.

6.8CVSS9AI score0.09516EPSS
CVE
CVE
added 2014/04/27 8:55 p.m.48 views

CVE-2011-3152

DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarba...

6.4CVSS6.6AI score0.00439EPSS
CVE
CVE
added 2012/06/04 8:55 p.m.48 views

CVE-2012-0944

Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack.

4.3CVSS6.7AI score0.00475EPSS
CVE
CVE
added 2014/10/08 7:55 p.m.48 views

CVE-2014-7230

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.

2.1CVSS6.1AI score0.00123EPSS
CVE
CVE
added 2015/12/07 8:59 p.m.48 views

CVE-2015-1344

The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions, which allows local users to gain privileges by writing a pid to the tasks file.

7.2CVSS6.5AI score0.00037EPSS
CVE
CVE
added 2017/06/22 3:29 p.m.48 views

CVE-2017-9815

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

6.5CVSS6.2AI score0.00498EPSS
CVE
CVE
added 2010/08/24 8:0 p.m.47 views

CVE-2010-3114

The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSepa...

10CVSS8.6AI score0.00625EPSS
CVE
CVE
added 2012/06/19 8:55 p.m.47 views

CVE-2012-0950

The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerabilit...

5CVSS6.6AI score0.00472EPSS
CVE
CVE
added 2012/11/04 10:55 p.m.47 views

CVE-2012-5821

Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.

5.9CVSS5.3AI score0.00237EPSS
CVE
CVE
added 2014/03/18 5:4 p.m.47 views

CVE-2014-2241

The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.

6.8CVSS6.2AI score0.00581EPSS
CVE
CVE
added 2017/02/13 6:59 p.m.47 views

CVE-2015-8768

click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote attackers to install an alternate security policy and gain privileges via a crafted package, as demonstrated by the test.mmrow app for Ubuntu phone.

9.8CVSS9.3AI score0.0159EPSS
CVE
CVE
added 2016/05/13 2:59 p.m.47 views

CVE-2016-1578

Use-after-free vulnerability in Oxide allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to responding synchronously to permission requests.

9.8CVSS9.6AI score0.02417EPSS
CVE
CVE
added 2017/05/18 6:29 a.m.47 views

CVE-2017-9058

In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.

9.8CVSS9.2AI score0.00389EPSS
CVE
CVE
added 2012/06/16 12:55 a.m.46 views

CVE-2011-4408

The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or read sensitive data via a man-in-the-middle (MITM) attack.

6.8CVSS6.4AI score0.00414EPSS
CVE
CVE
added 2012/05/31 5:55 p.m.46 views

CVE-2012-0949

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report.

5CVSS6.5AI score0.00472EPSS
CVE
CVE
added 2013/11/23 6:55 p.m.46 views

CVE-2013-1058

maas-import-pxe-files in MAAS before 13.10 does not verify the integrity of downloaded files, which allows remote attackers to modify these files via a man-in-the-middle (MITM) attack.

5.8CVSS6.4AI score0.00666EPSS
Total number of security vulnerabilities4098