Lucene search

K
CanonicalUbuntu Linux

691 matches found

CVE
CVE
added 2019/08/13 2:15 p.m.232 views

CVE-2017-18509

An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue...

7.8CVSS7.7AI score0.00044EPSS
CVE
CVE
added 2019/07/11 8:15 p.m.232 views

CVE-2019-1010315

WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed ver...

5.5CVSS5.7AI score0.00625EPSS
CVE
CVE
added 2019/04/30 7:29 p.m.232 views

CVE-2019-10131

An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.

7.1CVSS7.7AI score0.00074EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.232 views

CVE-2019-15215

An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.

4.9CVSS6AI score0.00111EPSS
CVE
CVE
added 2019/01/03 4:29 p.m.232 views

CVE-2019-3701

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame modification rule that...

4.9CVSS6.2AI score0.00089EPSS
CVE
CVE
added 2019/02/08 11:29 a.m.232 views

CVE-2019-7636

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.

8.1CVSS8.4AI score0.03732EPSS
CVE
CVE
added 2019/07/11 8:15 p.m.231 views

CVE-2019-1010317

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://git...

5.5CVSS5.9AI score0.01041EPSS
CVE
CVE
added 2019/07/17 12:15 p.m.231 views

CVE-2019-9848

LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary ...

9.8CVSS9.7AI score0.85073EPSS
CVE
CVE
added 2019/01/14 10:29 p.m.230 views

CVE-2018-16888

It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this fl...

4.7CVSS5.4AI score0.00086EPSS
CVE
CVE
added 2019/04/09 4:29 a.m.230 views

CVE-2019-10895

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.

7.5CVSS7.2AI score0.08637EPSS
CVE
CVE
added 2019/02/07 7:29 a.m.230 views

CVE-2019-7575

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.

8.8CVSS8.9AI score0.01822EPSS
CVE
CVE
added 2019/11/20 9:15 p.m.229 views

CVE-2015-3166

The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as ...

9.8CVSS9.1AI score0.04887EPSS
CVE
CVE
added 2019/06/26 6:15 p.m.229 views

CVE-2019-12979

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.

7.8CVSS7.8AI score0.00217EPSS
CVE
CVE
added 2019/10/29 7:15 p.m.229 views

CVE-2019-15681

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...

7.5CVSS8.3AI score0.03937EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.229 views

CVE-2019-19057

Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.

3.3CVSS6.1AI score0.0008EPSS
CVE
CVE
added 2019/02/07 7:29 a.m.229 views

CVE-2019-7572

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.

8.8CVSS8.8AI score0.03783EPSS
CVE
CVE
added 2019/02/01 10:29 p.m.228 views

CVE-2019-7308

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.

5.6CVSS6AI score0.00047EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.227 views

CVE-2018-18493

A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < ...

9.8CVSS7.6AI score0.09156EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.227 views

CVE-2019-13752

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.2AI score0.02626EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.226 views

CVE-2018-18492

A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.

9.8CVSS7.5AI score0.27057EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.226 views

CVE-2019-16709

ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.

6.5CVSS7AI score0.00135EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.226 views

CVE-2019-16713

ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.

6.5CVSS7.5AI score0.00144EPSS
CVE
CVE
added 2019/11/04 4:15 p.m.226 views

CVE-2019-18683

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streami...

7CVSS7.7AI score0.01138EPSS
CVE
CVE
added 2019/02/05 12:29 a.m.226 views

CVE-2019-7398

In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.

7.5CVSS7.7AI score0.00181EPSS
CVE
CVE
added 2019/07/29 1:15 p.m.225 views

CVE-2019-1020014

docker-credential-helpers before 0.6.3 has a double free in the List functions.

5.5CVSS5.3AI score0.00238EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.225 views

CVE-2019-16708

ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.

6.5CVSS7.4AI score0.00144EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.225 views

CVE-2019-19078

A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.

7.8CVSS7.6AI score0.0334EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.225 views

CVE-2019-19526

In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.

4.9CVSS6AI score0.0005EPSS
CVE
CVE
added 2019/01/02 7:29 a.m.225 views

CVE-2019-3500

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.

7.8CVSS7.1AI score0.00117EPSS
CVE
CVE
added 2019/06/30 11:15 p.m.224 views

CVE-2019-13114

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.

6.5CVSS6.1AI score0.00315EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.224 views

CVE-2019-16710

ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.

6.5CVSS7.5AI score0.00144EPSS
CVE
CVE
added 2019/02/07 7:29 a.m.224 views

CVE-2019-7577

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.

8.8CVSS8.8AI score0.03783EPSS
CVE
CVE
added 2019/02/08 11:29 a.m.224 views

CVE-2019-7635

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.

8.1CVSS8.5AI score0.03385EPSS
CVE
CVE
added 2019/02/04 6:29 p.m.223 views

CVE-2019-3813

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.

7.5CVSS7.4AI score0.00272EPSS
CVE
CVE
added 2019/04/09 4:29 a.m.222 views

CVE-2019-10901

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

7.5CVSS7.2AI score0.10053EPSS
CVE
CVE
added 2019/07/18 8:15 p.m.221 views

CVE-2019-13962

lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.

9.8CVSS9.3AI score0.0194EPSS
CVE
CVE
added 2019/01/28 3:29 p.m.220 views

CVE-2018-10910

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.

4.5CVSS3.9AI score0.00057EPSS
CVE
CVE
added 2019/06/26 6:15 p.m.220 views

CVE-2019-12975

ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.

5.5CVSS6.7AI score0.00091EPSS
CVE
CVE
added 2019/02/26 11:29 p.m.220 views

CVE-2019-9200

A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other ...

8.8CVSS7.2AI score0.03559EPSS
CVE
CVE
added 2019/12/25 4:15 a.m.219 views

CVE-2019-19965

In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.

4.7CVSS6.2AI score0.00061EPSS
CVE
CVE
added 2019/08/20 8:15 p.m.219 views

CVE-2019-2126

In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Andr...

9.3CVSS8.6AI score0.064EPSS
CVE
CVE
added 2019/02/08 11:29 a.m.219 views

CVE-2019-7637

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.

8.8CVSS8.9AI score0.03612EPSS
CVE
CVE
added 2019/04/09 4:29 a.m.218 views

CVE-2019-10894

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

7.5CVSS7.2AI score0.08788EPSS
CVE
CVE
added 2019/04/09 4:29 a.m.218 views

CVE-2019-10899

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

7.5CVSS7.3AI score0.08788EPSS
CVE
CVE
added 2019/09/11 4:15 p.m.217 views

CVE-2019-16232

drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

4.7CVSS6.1AI score0.00026EPSS
CVE
CVE
added 2019/09/23 12:15 p.m.217 views

CVE-2019-16711

ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.

6.5CVSS7.5AI score0.00144EPSS
CVE
CVE
added 2019/04/09 4:29 a.m.216 views

CVE-2019-10903

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

7.5CVSS7.2AI score0.08788EPSS
CVE
CVE
added 2019/02/07 7:29 a.m.216 views

CVE-2019-7574

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.

8.8CVSS8.8AI score0.03783EPSS
CVE
CVE
added 2019/02/07 7:29 a.m.216 views

CVE-2019-7578

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.

8.1CVSS8.4AI score0.03732EPSS
CVE
CVE
added 2019/02/24 12:29 a.m.216 views

CVE-2019-9075

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.

7.8CVSS7.7AI score0.00285EPSS
Total number of security vulnerabilities691