Lucene search

K
CanonicalUbuntu Linux12.04

1413 matches found

CVE
CVE
added 2015/03/30 10:59 a.m.190 views

CVE-2014-9709

The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.

5CVSS6.9AI score0.12267EPSS
CVE
CVE
added 2015/11/13 3:59 a.m.189 views

CVE-2015-8126

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly ha...

7.5CVSS7.9AI score0.04755EPSS
CVE
CVE
added 2016/06/30 5:59 p.m.189 views

CVE-2016-4472

The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and...

8.1CVSS8.9AI score0.05699EPSS
CVE
CVE
added 2018/07/17 5:29 p.m.189 views

CVE-2018-14359

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.

9.8CVSS9.5AI score0.03804EPSS
CVE
CVE
added 2016/05/05 1:59 a.m.188 views

CVE-2016-2105

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

7.5CVSS7.7AI score0.508EPSS
CVE
CVE
added 2016/06/20 1:59 a.m.187 views

CVE-2016-2178

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

5.5CVSS7.2AI score0.00305EPSS
CVE
CVE
added 2016/05/23 10:59 a.m.187 views

CVE-2016-4578

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinter...

5.5CVSS5.9AI score0.00271EPSS
CVE
CVE
added 2018/03/06 8:29 p.m.187 views

CVE-2018-7185

The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.

7.5CVSS7.2AI score0.11185EPSS
CVE
CVE
added 2013/11/28 4:37 a.m.186 views

CVE-2013-6712

The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.

5CVSS5.5AI score0.22786EPSS
CVE
CVE
added 2014/11/04 4:55 p.m.186 views

CVE-2014-3660

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a va...

5CVSS5.9AI score0.04812EPSS
CVE
CVE
added 2019/11/20 9:15 p.m.186 views

CVE-2015-3167

contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.

7.5CVSS8.1AI score0.02851EPSS
CVE
CVE
added 2016/05/23 10:59 a.m.186 views

CVE-2016-4913

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs fil...

7.8CVSS7.4AI score0.00067EPSS
CVE
CVE
added 2016/10/03 6:59 p.m.186 views

CVE-2016-6352

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.

7.5CVSS7.1AI score0.01783EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.185 views

CVE-2015-0408

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

10CVSS3.8AI score0.09938EPSS
CVE
CVE
added 2016/12/13 8:59 p.m.185 views

CVE-2016-6313

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.

5.3CVSS5.6AI score0.03477EPSS
CVE
CVE
added 2018/09/17 2:29 p.m.185 views

CVE-2018-11781

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.

7.8CVSS7.6AI score0.00262EPSS
CVE
CVE
added 2020/07/20 6:15 p.m.185 views

CVE-2020-3481

A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could ex...

7.5CVSS7.3AI score0.04244EPSS
CVE
CVE
added 2014/07/29 2:55 p.m.184 views

CVE-2014-5030

CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.

1.9CVSS7AI score0.00052EPSS
CVE
CVE
added 2018/12/28 4:29 p.m.184 views

CVE-2018-20547

There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.

8.1CVSS8.2AI score0.00893EPSS
CVE
CVE
added 2018/02/26 8:29 p.m.184 views

CVE-2018-7492

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.

5.5CVSS5.7AI score0.0008EPSS
CVE
CVE
added 2016/04/25 2:59 p.m.183 views

CVE-2016-4054

Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.

8.1CVSS8.7AI score0.77003EPSS
CVE
CVE
added 2018/08/20 2:29 a.m.182 views

CVE-2018-15572

The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

6.5CVSS6.3AI score0.00044EPSS
CVE
CVE
added 2017/12/20 11:29 p.m.181 views

CVE-2017-17806

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SH...

7.8CVSS7.4AI score0.00042EPSS
CVE
CVE
added 2018/12/28 4:29 p.m.181 views

CVE-2018-20549

There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.

8.8CVSS8.4AI score0.00828EPSS
CVE
CVE
added 2015/04/28 2:59 p.m.180 views

CVE-2015-1774

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.

6.8CVSS7.7AI score0.27958EPSS
CVE
CVE
added 2016/02/08 3:59 a.m.180 views

CVE-2015-8767

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

6.2CVSS5.4AI score0.00121EPSS
CVE
CVE
added 2016/06/10 3:59 p.m.180 views

CVE-2016-4429

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.

5.9CVSS6.8AI score0.016EPSS
CVE
CVE
added 2018/07/17 5:29 p.m.180 views

CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.

9.8CVSS9.5AI score0.06747EPSS
CVE
CVE
added 2016/01/21 3:0 a.m.179 views

CVE-2016-0483

Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commen...

10CVSS7.2AI score0.12013EPSS
CVE
CVE
added 2018/09/17 2:29 p.m.179 views

CVE-2017-15705

A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we setup an object and ho...

5.3CVSS5.9AI score0.01839EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.179 views

CVE-2018-3070

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols ...

6.5CVSS5.1AI score0.00884EPSS
CVE
CVE
added 2015/02/24 3:59 p.m.178 views

CVE-2013-7423

The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.

5CVSS7.3AI score0.03151EPSS
CVE
CVE
added 2017/06/27 8:29 p.m.178 views

CVE-2015-5180

res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).

7.5CVSS7.6AI score0.00409EPSS
CVE
CVE
added 2016/04/27 5:59 p.m.178 views

CVE-2015-8812

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.

10CVSS9.4AI score0.07948EPSS
CVE
CVE
added 2018/03/08 8:29 p.m.178 views

CVE-2018-7183

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.

9.8CVSS7.9AI score0.14768EPSS
CVE
CVE
added 2016/04/26 2:59 p.m.177 views

CVE-2016-3074

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.

9.8CVSS8.1AI score0.52849EPSS
CVE
CVE
added 2018/08/24 7:29 p.m.177 views

CVE-2018-14598

An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).

7.5CVSS8.2AI score0.01126EPSS
CVE
CVE
added 2016/02/08 3:59 a.m.176 views

CVE-2015-8539

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c.

7.8CVSS7.2AI score0.00086EPSS
CVE
CVE
added 2014/07/23 2:55 p.m.175 views

CVE-2014-3537

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.

1.2CVSS7.4AI score0.00053EPSS
CVE
CVE
added 2015/12/06 8:59 p.m.175 views

CVE-2015-3195

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by...

5.3CVSS6.3AI score0.02068EPSS
CVE
CVE
added 2015/12/29 10:59 p.m.175 views

CVE-2015-5252

vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.

7.2CVSS6.3AI score0.15999EPSS
CVE
CVE
added 2016/06/13 10:59 a.m.175 views

CVE-2016-2834

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

9.3CVSS8.5AI score0.01693EPSS
CVE
CVE
added 2016/11/16 5:59 a.m.175 views

CVE-2016-7913

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

9.3CVSS7.7AI score0.01025EPSS
CVE
CVE
added 2013/08/06 2:56 a.m.174 views

CVE-2013-4124

Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

5CVSS6.7AI score0.86808EPSS
CVE
CVE
added 2018/08/31 4:29 p.m.172 views

CVE-2018-16276

An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.

7.8CVSS7.3AI score0.0008EPSS
CVE
CVE
added 2013/01/25 12:0 p.m.170 views

CVE-2012-5689

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.

7.1CVSS7.9AI score0.0381EPSS
CVE
CVE
added 2014/12/12 6:59 p.m.170 views

CVE-2014-8134

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.

3.3CVSS5.4AI score0.00089EPSS
CVE
CVE
added 2016/07/03 9:59 p.m.170 views

CVE-2016-4998

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafte...

7.1CVSS7AI score0.01237EPSS
CVE
CVE
added 2018/12/28 4:29 p.m.170 views

CVE-2018-20545

There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data.

8.8CVSS8.5AI score0.01956EPSS
CVE
CVE
added 2017/07/21 2:29 p.m.169 views

CVE-2015-5219

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

7.5CVSS7.1AI score0.0364EPSS
Total number of security vulnerabilities1413