Lucene search

K
CanonicalUbuntu Linux

4105 matches found

CVE
CVE
added 2016/12/09 8:59 p.m.418 views

CVE-2016-9014

Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.

8.1CVSS8.6AI score0.04886EPSS
CVE
CVE
added 2019/09/04 9:15 p.m.418 views

CVE-2019-15926

An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.

9.4CVSS8.6AI score0.03934EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.417 views

CVE-2018-3200

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS5AI score0.0019EPSS
CVE
CVE
added 2019/09/03 3:15 p.m.417 views

CVE-2019-10197

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories ...

9.1CVSS7.5AI score0.0479EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.415 views

CVE-2018-10546

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.

7.5CVSS6.8AI score0.46916EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.415 views

CVE-2018-3173

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS5AI score0.0019EPSS
CVE
CVE
added 2025/06/30 9:15 p.m.415 views

CVE-2025-32463

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

9.3CVSS6.6AI score0.29711EPSS
Web
CVE
CVE
added 2020/01/21 6:15 p.m.414 views

CVE-2019-14907

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authenti...

6.5CVSS6.5AI score0.05045EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.414 views

CVE-2019-9453

In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

4.4CVSS4.5AI score0.00207EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.413 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

6.5CVSS7.1AI score0.00329EPSS
CVE
CVE
added 2016/12/09 8:59 p.m.412 views

CVE-2016-9013

Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually s...

9.8CVSS9AI score0.02723EPSS
CVE
CVE
added 2019/11/25 12:15 p.m.412 views

CVE-2019-14822

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using...

7.1CVSS6.7AI score0.00246EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.412 views

CVE-2019-2422

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to co...

3.1CVSS2.4AI score0.00108EPSS
CVE
CVE
added 2016/10/03 6:59 p.m.411 views

CVE-2016-7401

The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.

7.5CVSS7.5AI score0.03718EPSS
CVE
CVE
added 2019/03/21 4:1 p.m.411 views

CVE-2019-6454

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message t...

5.5CVSS5.5AI score0.00116EPSS
CVE
CVE
added 2020/05/21 4:15 p.m.411 views

CVE-2020-13112

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

9.1CVSS6.8AI score0.00762EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.409 views

CVE-2019-19063

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

4.9CVSS6.5AI score0.00075EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.409 views

CVE-2019-2842

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vul...

4.3CVSS3.8AI score0.00224EPSS
CVE
CVE
added 2020/08/20 1:17 a.m.409 views

CVE-2020-15862

Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

7.8CVSS7.9AI score0.0008EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.408 views

CVE-2018-3185

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

5.5CVSS5.5AI score0.00135EPSS
CVE
CVE
added 2020/01/28 1:15 a.m.408 views

CVE-2020-0549

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS5.6AI score0.00122EPSS
CVE
CVE
added 2020/05/08 3:15 p.m.407 views

CVE-2020-10690

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying devi...

6.5CVSS6.5AI score0.00024EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.407 views

CVE-2020-25722

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.

8.8CVSS8.5AI score0.00299EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.406 views

CVE-2018-3284

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...

4.4CVSS4.6AI score0.00246EPSS
CVE
CVE
added 2019/07/11 7:15 p.m.406 views

CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking...

5.9CVSS7AI score0.0954EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.406 views

CVE-2019-19068

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.

4.9CVSS6.1AI score0.00094EPSS
CVE
CVE
added 2020/10/07 3:15 p.m.406 views

CVE-2020-14355

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...

6.6CVSS7.2AI score0.02106EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.405 views

CVE-2018-3277

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS5AI score0.0019EPSS
CVE
CVE
added 2019/07/30 11:15 p.m.405 views

CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use ...

8.8CVSS8AI score0.00073EPSS
CVE
CVE
added 2020/05/21 4:15 a.m.405 views

CVE-2020-6463

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9.1AI score0.02781EPSS
CVE
CVE
added 2020/08/21 9:15 p.m.405 views

CVE-2020-8624

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of th...

4.3CVSS6.1AI score0.00659EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.403 views

CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with netw...

5.3CVSS5.5AI score0.00102EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.403 views

CVE-2019-2745

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java...

5.1CVSS4.8AI score0.00063EPSS
CVE
CVE
added 2020/05/18 6:15 p.m.403 views

CVE-2020-13143

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

6.5CVSS6.5AI score0.02148EPSS
CVE
CVE
added 2018/06/12 1:29 p.m.402 views

CVE-2018-0732

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This...

7.5CVSS7.7AI score0.77935EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.401 views

CVE-2019-2738

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protoc...

3.5CVSS3AI score0.0067EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.401 views

CVE-2019-2949

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos...

6.8CVSS6.4AI score0.00358EPSS
CVE
CVE
added 2018/08/22 5:29 p.m.400 views

CVE-2018-10919

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are v...

6.5CVSS6.7AI score0.02605EPSS
CVE
CVE
added 2018/11/28 2:29 p.m.400 views

CVE-2018-16841

Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal...

6.5CVSS6.6AI score0.10936EPSS
CVE
CVE
added 2020/03/24 10:15 p.m.400 views

CVE-2020-10942

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.

5.4CVSS6.2AI score0.00051EPSS
CVE
CVE
added 2020/06/08 5:15 p.m.400 views

CVE-2020-12049

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket...

5.5CVSS5.4AI score0.00023EPSS
CVE
CVE
added 2018/11/14 3:29 p.m.399 views

CVE-2018-17466

Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8CVSS7.1AI score0.00881EPSS
CVE
CVE
added 2018/01/16 9:29 a.m.399 views

CVE-2018-5712

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

6.1CVSS7.1AI score0.85775EPSS
CVE
CVE
added 2006/07/28 6:2 p.m.398 views

CVE-2006-3747

Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code v...

7.6CVSS9.7AI score0.92418EPSS
CVE
CVE
added 2019/04/07 12:29 a.m.397 views

CVE-2019-10906

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

8.6CVSS8.4AI score0.01473EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.397 views

CVE-2020-14577

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to c...

4.3CVSS4.4AI score0.002EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.397 views

CVE-2020-2572

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plugin). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ...

4CVSS3.2AI score0.00321EPSS
CVE
CVE
added 2019/04/22 10:29 p.m.396 views

CVE-2019-11459

The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.

5.5CVSS5.5AI score0.00451EPSS
CVE
CVE
added 2017/02/09 3:59 p.m.395 views

CVE-2016-2148

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.

9.8CVSS9.6AI score0.15032EPSS
CVE
CVE
added 2019/01/11 9:29 p.m.395 views

CVE-2018-16865

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-jo...

7.8CVSS7.8AI score0.02073EPSS
Total number of security vulnerabilities4105