Lucene search

K
CanonicalUbuntu Linux

691 matches found

CVE
CVE
added 2019/05/29 5:29 p.m.254 views

CVE-2019-12449

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.

5.7CVSS6AI score0.00515EPSS
CVE
CVE
added 2019/01/29 12:29 a.m.254 views

CVE-2019-7150

An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-o...

5.5CVSS6.9AI score0.00136EPSS
CVE
CVE
added 2019/01/03 4:29 p.m.253 views

CVE-2018-16882

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' ...

8.8CVSS8.1AI score0.00111EPSS
CVE
CVE
added 2019/11/21 11:15 p.m.253 views

CVE-2019-19221

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.

5.5CVSS5.4AI score0.00069EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.253 views

CVE-2019-2632

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to comprom...

7.5CVSS5.4AI score0.00459EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.252 views

CVE-2019-2950

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful att...

4.9CVSS4.8AI score0.01614EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.251 views

CVE-2019-19524

In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.

4.9CVSS6.6AI score0.00051EPSS
CVE
CVE
added 2019/04/24 5:29 a.m.249 views

CVE-2019-11498

WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.

6.5CVSS6.2AI score0.01699EPSS
CVE
CVE
added 2019/07/01 2:15 a.m.249 views

CVE-2019-13117

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.

5.3CVSS5.9AI score0.05184EPSS
CVE
CVE
added 2019/09/08 3:15 a.m.249 views

CVE-2019-16092

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.

9.8CVSS9.2AI score0.00392EPSS
CVE
CVE
added 2019/09/09 5:15 p.m.248 views

CVE-2019-16167

sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.

5.5CVSS5.7AI score0.00175EPSS
CVE
CVE
added 2019/12/08 2:15 a.m.248 views

CVE-2019-19448

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the ...

7.8CVSS7AI score0.00186EPSS
CVE
CVE
added 2019/08/12 11:15 p.m.247 views

CVE-2019-14981

In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.

6.5CVSS7.2AI score0.00572EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.247 views

CVE-2019-2101

In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android...

5.5CVSS5.9AI score0.00111EPSS
CVE
CVE
added 2019/02/06 8:29 p.m.247 views

CVE-2019-3823

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtp_endofresp() isn't NUL terminated and contains no character ending the parsed number, and len is set to 5, then the strtol() call ...

7.5CVSS8.5AI score0.01536EPSS
CVE
CVE
added 2019/09/08 3:15 a.m.246 views

CVE-2019-16094

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

7.5CVSS8.3AI score0.00423EPSS
CVE
CVE
added 2019/09/09 5:15 p.m.246 views

CVE-2019-16163

Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.

7.5CVSS8.4AI score0.00087EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.246 views

CVE-2019-19051

A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7.

5.5CVSS6.3AI score0.00046EPSS
CVE
CVE
added 2019/12/11 6:16 p.m.246 views

CVE-2019-19725

sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.

9.8CVSS9.3AI score0.00198EPSS
CVE
CVE
added 2019/02/05 9:29 p.m.245 views

CVE-2018-18500

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, ...

9.8CVSS7.1AI score0.32159EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.245 views

CVE-2019-15211

An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.

4.9CVSS6AI score0.00111EPSS
CVE
CVE
added 2019/09/08 3:15 a.m.245 views

CVE-2019-16093

Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

9.8CVSS9.3AI score0.00452EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.245 views

CVE-2019-2920

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 5.3.13 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL ...

5.3CVSS4.5AI score0.02034EPSS
CVE
CVE
added 2019/02/22 3:29 p.m.245 views

CVE-2019-9003

In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.

7.8CVSS7.3AI score0.07134EPSS
CVE
CVE
added 2019/02/22 3:29 p.m.244 views

CVE-2018-20784

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.

9.8CVSS9.2AI score0.00673EPSS
CVE
CVE
added 2019/09/21 9:15 p.m.244 views

CVE-2019-16680

An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.

4.3CVSS4.3AI score0.0137EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.244 views

CVE-2019-9232

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483

7.5CVSS7.2AI score0.01653EPSS
CVE
CVE
added 2019/09/03 5:15 a.m.243 views

CVE-2015-9383

FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.

6.5CVSS6.5AI score0.01343EPSS
CVE
CVE
added 2019/09/19 2:15 p.m.242 views

CVE-2019-11779

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur.

6.5CVSS6.6AI score0.07123EPSS
CVE
CVE
added 2019/10/14 2:15 a.m.242 views

CVE-2019-17542

FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.

9.8CVSS9.5AI score0.00639EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.242 views

CVE-2019-19077

A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy to udata failures, aka CID-4a9d46a9fe14.

5.5CVSS6.3AI score0.00127EPSS
CVE
CVE
added 2019/07/17 8:15 p.m.240 views

CVE-2019-13619

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.

7.5CVSS7.3AI score0.06514EPSS
CVE
CVE
added 2019/11/27 4:15 p.m.238 views

CVE-2019-10220

Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.

9.3CVSS8.9AI score0.00709EPSS
CVE
CVE
added 2019/07/01 8:15 p.m.238 views

CVE-2019-13137

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.

6.5CVSS7AI score0.01192EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.238 views

CVE-2019-2791

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

5.5CVSS3.7AI score0.00179EPSS
CVE
CVE
added 2019/06/10 12:29 p.m.237 views

CVE-2019-12387

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

6.1CVSS6.2AI score0.00701EPSS
CVE
CVE
added 2019/01/11 5:29 a.m.237 views

CVE-2019-6128

The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.

8.8CVSS8.4AI score0.02457EPSS
CVE
CVE
added 2019/03/07 11:29 p.m.237 views

CVE-2019-7175

In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.

7.5CVSS7.8AI score0.00181EPSS
CVE
CVE
added 2019/02/05 12:29 a.m.237 views

CVE-2019-7397

In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.

7.5CVSS7.4AI score0.00203EPSS
CVE
CVE
added 2019/09/04 9:15 p.m.236 views

CVE-2019-15925

An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.

7.8CVSS7.3AI score0.00075EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.236 views

CVE-2019-2566

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

4.9CVSS4.6AI score0.0026EPSS
CVE
CVE
added 2019/04/22 11:29 a.m.235 views

CVE-2019-11235

FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.

9.8CVSS8.1AI score0.06662EPSS
CVE
CVE
added 2019/09/08 3:15 a.m.235 views

CVE-2019-16095

Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.

7.5CVSS8.3AI score0.00428EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.235 views

CVE-2019-2741

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Log). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise M...

5.3CVSS5.3AI score0.00238EPSS
CVE
CVE
added 2019/02/06 8:29 p.m.234 views

CVE-2018-16890

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (lib/vauth/ntlm.c:ntlm_decode_type2_target) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that ...

7.5CVSS8.6AI score0.01104EPSS
CVE
CVE
added 2019/02/05 9:29 p.m.234 views

CVE-2018-18501

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thu...

9.8CVSS8AI score0.03064EPSS
CVE
CVE
added 2019/12/18 7:15 p.m.234 views

CVE-2019-19844

Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user ...

9.8CVSS9.2AI score0.12612EPSS
CVE
CVE
added 2019/01/23 7:29 p.m.234 views

CVE-2019-6706

Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.

7.5CVSS7.3AI score0.01247EPSS
CVE
CVE
added 2019/07/01 2:15 p.m.233 views

CVE-2019-12781

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest....

5.3CVSS5.6AI score0.02419EPSS
CVE
CVE
added 2019/09/08 3:15 a.m.233 views

CVE-2019-16091

Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.

7.5CVSS8.3AI score0.00428EPSS
Total number of security vulnerabilities691