Lucene search

K
CanonicalUbuntu Linux12.04

1413 matches found

CVE
CVE
added 2017/01/30 9:59 p.m.169 views

CVE-2015-7977

ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

5.9CVSS6.3AI score0.11631EPSS
CVE
CVE
added 2017/09/21 3:29 p.m.169 views

CVE-2017-12153

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability...

4.9CVSS5.6AI score0.00019EPSS
CVE
CVE
added 2018/07/26 1:29 p.m.169 views

CVE-2017-7526

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channe...

6.8CVSS6.4AI score0.02283EPSS
CVE
CVE
added 2018/07/28 11:29 p.m.169 views

CVE-2018-14680

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.

6.5CVSS7.3AI score0.01523EPSS
CVE
CVE
added 2016/05/23 10:59 a.m.168 views

CVE-2016-4565

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

7.8CVSS7.8AI score0.00271EPSS
CVE
CVE
added 2018/10/29 12:29 p.m.168 views

CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CV...

5.5CVSS6.1AI score0.00058EPSS
CVE
CVE
added 2012/06/05 10:55 p.m.167 views

CVE-2012-0247

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.

8.8CVSS8.3AI score0.04205EPSS
CVE
CVE
added 2018/12/28 4:29 p.m.167 views

CVE-2018-20548

There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data.

8.8CVSS8.5AI score0.00724EPSS
CVE
CVE
added 2015/12/06 8:59 p.m.166 views

CVE-2015-3193

The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key i...

7.5CVSS6.5AI score0.22636EPSS
CVE
CVE
added 2016/06/27 10:59 a.m.166 views

CVE-2016-5829

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

7.8CVSS7.8AI score0.00053EPSS
CVE
CVE
added 2018/12/28 4:29 p.m.166 views

CVE-2018-20544

There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.

6.5CVSS7.2AI score0.01037EPSS
CVE
CVE
added 2013/11/20 1:19 p.m.165 views

CVE-2013-4563

The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service (panic) via ...

7.1CVSS5.7AI score0.01558EPSS
CVE
CVE
added 2019/01/31 9:29 a.m.165 views

CVE-2017-18360

In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.

5.5CVSS5.5AI score0.00082EPSS
CVE
CVE
added 2014/03/14 3:55 p.m.163 views

CVE-2014-2270

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

4.3CVSS5.6AI score0.3696EPSS
CVE
CVE
added 2015/08/31 10:59 a.m.163 views

CVE-2015-5364

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.

7.8CVSS5.7AI score0.21228EPSS
CVE
CVE
added 2016/02/25 1:59 a.m.161 views

CVE-2015-5174

Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web appl...

4.3CVSS6.2AI score0.0093EPSS
CVE
CVE
added 2016/08/02 4:59 p.m.161 views

CVE-2016-5403

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

5.5CVSS5.9AI score0.00104EPSS
CVE
CVE
added 2018/01/11 7:29 a.m.161 views

CVE-2018-5332

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

7.8CVSS7.4AI score0.00079EPSS
CVE
CVE
added 2018/01/25 3:29 a.m.161 views

CVE-2018-6196

w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.

7.5CVSS7.2AI score0.0067EPSS
CVE
CVE
added 2017/07/21 2:29 p.m.160 views

CVE-2015-5195

ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

7.5CVSS7.2AI score0.10401EPSS
CVE
CVE
added 2012/10/03 9:55 p.m.159 views

CVE-2012-3489

The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that...

6.5CVSS6.1AI score0.01036EPSS
CVE
CVE
added 2015/07/06 2:0 a.m.159 views

CVE-2015-2721

Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attack...

4.3CVSS4.1AI score0.00914EPSS
CVE
CVE
added 2015/08/06 1:59 a.m.159 views

CVE-2015-3636

The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a S...

4.9CVSS5.6AI score0.02555EPSS
CVE
CVE
added 2014/02/18 7:55 p.m.158 views

CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.

5CVSS5.5AI score0.29124EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.158 views

CVE-2015-0410

Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.

5CVSS3.9AI score0.02489EPSS
CVE
CVE
added 2015/10/21 9:59 p.m.158 views

CVE-2015-4819

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.

7.2CVSS5.1AI score0.00077EPSS
CVE
CVE
added 2020/02/24 3:15 p.m.158 views

CVE-2015-9542

add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading the pam_radius library) and crash it. Arbitrary c...

7.5CVSS7.6AI score0.02005EPSS
CVE
CVE
added 2018/01/25 3:29 a.m.158 views

CVE-2018-6197

w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.

7.5CVSS7.2AI score0.00711EPSS
CVE
CVE
added 2016/03/03 8:59 p.m.157 views

CVE-2016-0702

The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on t...

5.1CVSS7AI score0.00419EPSS
CVE
CVE
added 2018/09/04 6:29 p.m.157 views

CVE-2018-6555

The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.

7.8CVSS7.2AI score0.00029EPSS
CVE
CVE
added 2012/10/10 5:55 p.m.156 views

CVE-2012-4186

Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.

9.3CVSS9.6AI score0.55611EPSS
CVE
CVE
added 2017/07/21 2:29 p.m.154 views

CVE-2015-5194

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

7.5CVSS7.1AI score0.11834EPSS
CVE
CVE
added 2016/01/29 8:59 p.m.153 views

CVE-2016-0755

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.

7.3CVSS6.3AI score0.02575EPSS
CVE
CVE
added 2013/10/09 2:53 p.m.152 views

CVE-2013-2099

Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcar...

4.3CVSS6AI score0.01957EPSS
CVE
CVE
added 2015/11/24 8:59 p.m.152 views

CVE-2015-7981

The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.

5CVSS7.9AI score0.00786EPSS
CVE
CVE
added 2016/08/10 2:59 p.m.152 views

CVE-2016-5421

Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

8.1CVSS7.4AI score0.01092EPSS
CVE
CVE
added 2015/11/16 11:59 a.m.151 views

CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

4.9CVSS6.1AI score0.00169EPSS
CVE
CVE
added 2018/10/17 8:29 p.m.151 views

CVE-2018-18386

drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.

3.3CVSS4.9AI score0.0005EPSS
CVE
CVE
added 2019/12/30 1:15 a.m.151 views

CVE-2019-20079

The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.

7.8CVSS7.5AI score0.00194EPSS
CVE
CVE
added 2014/02/18 11:55 a.m.150 views

CVE-2013-7327

The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return val...

6.8CVSS7.3AI score0.10311EPSS
CVE
CVE
added 2015/02/24 3:59 p.m.150 views

CVE-2014-9402

The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.

7.8CVSS7.9AI score0.03217EPSS
CVE
CVE
added 2017/01/30 9:59 p.m.150 views

CVE-2015-7973

NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.

6.5CVSS6.7AI score0.07599EPSS
CVE
CVE
added 2016/03/03 8:59 p.m.150 views

CVE-2016-0797

Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandled by the (1) BN_dec2bn or (2)...

7.5CVSS9.2AI score0.30737EPSS
CVE
CVE
added 2016/04/07 8:59 p.m.150 views

CVE-2016-2510

BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.

8.1CVSS8.2AI score0.34327EPSS
CVE
CVE
added 2016/06/16 6:59 p.m.150 views

CVE-2016-5300

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876.

7.8CVSS7.7AI score0.02202EPSS
CVE
CVE
added 2013/07/08 5:55 p.m.149 views

CVE-2013-1059

net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation.

7.8CVSS6.6AI score0.01788EPSS
CVE
CVE
added 2014/11/15 8:59 p.m.149 views

CVE-2014-3707

The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.

4.3CVSS9.2AI score0.00277EPSS
CVE
CVE
added 2015/01/21 7:59 p.m.149 views

CVE-2015-0411

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.

7.5CVSS6.5AI score0.12949EPSS
CVE
CVE
added 2015/10/01 8:59 p.m.149 views

CVE-2015-7236

Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.

7.5CVSS7.1AI score0.08207EPSS
CVE
CVE
added 2016/04/27 5:59 p.m.149 views

CVE-2016-2184

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device desc...

4.9CVSS6.1AI score0.00345EPSS
Total number of security vulnerabilities1413