Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2018/04/29 9:29 p.m.410 views

CVE-2018-10546

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.

7.5CVSS6.8AI score0.47506EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.410 views

CVE-2018-3143

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to comprom...

6.5CVSS6.9AI score0.00261EPSS
CVE
CVE
added 2020/01/21 6:15 p.m.410 views

CVE-2019-14907

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authenti...

6.5CVSS6.5AI score0.05045EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.410 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

6.5CVSS7.1AI score0.00329EPSS
CVE
CVE
added 2018/12/11 4:29 p.m.409 views

CVE-2018-18356

An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.02245EPSS
CVE
CVE
added 2019/11/25 12:15 p.m.409 views

CVE-2019-14822

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using...

7.1CVSS6.7AI score0.00246EPSS
CVE
CVE
added 2019/03/21 4:1 p.m.408 views

CVE-2019-6454

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message t...

5.5CVSS5.5AI score0.00116EPSS
CVE
CVE
added 2016/10/03 6:59 p.m.407 views

CVE-2016-7401

The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.

7.5CVSS7.5AI score0.06628EPSS
Web
CVE
CVE
added 2020/08/20 1:17 a.m.407 views

CVE-2020-15862

Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

7.8CVSS7.9AI score0.0008EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.406 views

CVE-2019-18808

A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.

5.5CVSS6.1AI score0.0002EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.405 views

CVE-2019-2531

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoc...

4.9CVSS4.8AI score0.00131EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.405 views

CVE-2019-2975

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

5.8CVSS4.8AI score0.00279EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.405 views

CVE-2020-25722

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.

8.8CVSS8.5AI score0.00299EPSS
CVE
CVE
added 2019/07/11 7:15 p.m.404 views

CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking...

5.9CVSS7AI score0.08904EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.404 views

CVE-2019-19063

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

4.9CVSS6.5AI score0.00075EPSS
CVE
CVE
added 2020/01/28 1:15 a.m.404 views

CVE-2020-0549

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS5.6AI score0.00122EPSS
CVE
CVE
added 2020/05/21 4:15 p.m.404 views

CVE-2020-13112

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

9.1CVSS6.8AI score0.00762EPSS
CVE
CVE
added 2020/10/07 3:15 p.m.403 views

CVE-2020-14355

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...

6.6CVSS7.2AI score0.02106EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.402 views

CVE-2019-19068

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.

4.9CVSS6.1AI score0.00094EPSS
CVE
CVE
added 2020/08/21 9:15 p.m.401 views

CVE-2020-8624

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of th...

4.3CVSS6.1AI score0.00659EPSS
CVE
CVE
added 2019/07/30 11:15 p.m.400 views

CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use ...

8.8CVSS8AI score0.00073EPSS
CVE
CVE
added 2006/07/28 6:2 p.m.398 views

CVE-2006-3747

Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code v...

7.6CVSS9.7AI score0.92418EPSS
CVE
CVE
added 2018/06/12 1:29 p.m.398 views

CVE-2018-0732

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This...

7.5CVSS7.7AI score0.50927EPSS
CVE
CVE
added 2018/11/28 2:29 p.m.398 views

CVE-2018-16841

Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal...

6.5CVSS6.6AI score0.11121EPSS
CVE
CVE
added 2020/06/08 5:15 p.m.397 views

CVE-2020-12049

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket...

5.5CVSS5.4AI score0.00023EPSS
CVE
CVE
added 2018/08/22 5:29 p.m.396 views

CVE-2018-10919

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are v...

6.5CVSS6.7AI score0.02605EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.396 views

CVE-2018-3200

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS5AI score0.0019EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.395 views

CVE-2018-3173

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS5AI score0.0019EPSS
CVE
CVE
added 2019/04/07 12:29 a.m.394 views

CVE-2019-10906

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

8.6CVSS8.4AI score0.01473EPSS
CVE
CVE
added 2019/04/22 10:29 p.m.394 views

CVE-2019-11459

The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.

5.5CVSS5.5AI score0.00451EPSS
CVE
CVE
added 2019/08/25 4:15 p.m.394 views

CVE-2019-15538

An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a...

7.8CVSS7.9AI score0.13455EPSS
CVE
CVE
added 2018/01/16 9:29 a.m.393 views

CVE-2018-5712

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

6.1CVSS7.1AI score0.85775EPSS
CVE
CVE
added 2017/02/09 3:59 p.m.392 views

CVE-2016-2148

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.

9.8CVSS9.6AI score0.15842EPSS
CVE
CVE
added 2019/01/11 9:29 p.m.392 views

CVE-2018-16865

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-jo...

7.8CVSS7.8AI score0.02073EPSS
CVE
CVE
added 2020/05/08 3:15 p.m.392 views

CVE-2020-10690

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying devi...

6.5CVSS6.5AI score0.00024EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.391 views

CVE-2019-2422

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to co...

3.1CVSS2.4AI score0.00108EPSS
CVE
CVE
added 2025/06/30 9:15 p.m.391 views

CVE-2025-32463

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

9.3CVSS6.6AI score0.26924EPSS
Web
CVE
CVE
added 2018/08/09 8:29 p.m.390 views

CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side co...

8.5CVSS7.3AI score0.01557EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.390 views

CVE-2019-15220

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

4.9CVSS6AI score0.00111EPSS
CVE
CVE
added 2019/12/10 11:15 p.m.389 views

CVE-2019-14861

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permis...

5.3CVSS5.3AI score0.00885EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.389 views

CVE-2019-19060

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.

7.8CVSS7.5AI score0.00676EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.389 views

CVE-2019-2842

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vul...

4.3CVSS3.8AI score0.00224EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.388 views

CVE-2018-3185

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

5.5CVSS5.5AI score0.00135EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.388 views

CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

5.5CVSS5.7AI score0.00063EPSS
CVE
CVE
added 2020/05/18 6:15 p.m.388 views

CVE-2020-13143

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

6.5CVSS6.5AI score0.02148EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.387 views

CVE-2019-19045

A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.

4.9CVSS5.8AI score0.00058EPSS
CVE
CVE
added 2020/05/21 4:15 a.m.387 views

CVE-2020-6463

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9.1AI score0.02781EPSS
CVE
CVE
added 2018/06/26 4:29 p.m.385 views

CVE-2018-1000517

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixe...

9.8CVSS9.4AI score0.39905EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.385 views

CVE-2018-3284

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...

4.4CVSS4.6AI score0.00246EPSS
CVE
CVE
added 2019/08/16 12:15 a.m.385 views

CVE-2019-15090

An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.

6.7CVSS7.1AI score0.00116EPSS
Total number of security vulnerabilities4105