Lucene search

K
CanonicalUbuntu Linux14.04

2153 matches found

CVE
CVE
added 2016/05/23 10:59 a.m.168 views

CVE-2016-4565

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

7.8CVSS7.8AI score0.00238EPSS
CVE
CVE
added 2017/12/01 5:29 p.m.168 views

CVE-2017-16612

libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0.

7.5CVSS7.5AI score0.03557EPSS
CVE
CVE
added 2017/12/20 9:29 a.m.168 views

CVE-2017-17786

In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.

7.8CVSS7.4AI score0.00326EPSS
CVE
CVE
added 2017/12/20 9:29 a.m.168 views

CVE-2017-17787

In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.

7.8CVSS7.4AI score0.00351EPSS
CVE
CVE
added 2018/10/29 12:29 p.m.168 views

CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CV...

5.5CVSS6.1AI score0.00058EPSS
CVE
CVE
added 2018/11/26 3:29 a.m.168 views

CVE-2018-19541

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3,...

8.8CVSS7.2AI score0.01249EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.168 views

CVE-2018-2629

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker w...

5.3CVSS5AI score0.0027EPSS
CVE
CVE
added 2018/12/28 4:29 p.m.167 views

CVE-2018-20548

There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data.

8.8CVSS8.5AI score0.00724EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.167 views

CVE-2018-2798

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with ne...

5.3CVSS5AI score0.0022EPSS
CVE
CVE
added 2019/12/17 6:15 a.m.167 views

CVE-2019-19813

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_m...

7.1CVSS5.7AI score0.01528EPSS
CVE
CVE
added 2015/12/06 8:59 p.m.166 views

CVE-2015-3193

The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key i...

7.5CVSS6.5AI score0.22636EPSS
CVE
CVE
added 2016/06/27 10:59 a.m.166 views

CVE-2016-5829

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

7.8CVSS7.8AI score0.00053EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.166 views

CVE-2018-12365

A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < ...

6.5CVSS7.4AI score0.00514EPSS
CVE
CVE
added 2018/12/28 4:29 p.m.166 views

CVE-2018-20544

There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.

6.5CVSS7.2AI score0.01037EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.166 views

CVE-2018-2663

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacke...

4.3CVSS4.3AI score0.00124EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.166 views

CVE-2018-2797

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with ne...

5.3CVSS5AI score0.00182EPSS
CVE
CVE
added 2018/04/17 8:29 p.m.166 views

CVE-2018-6798

An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure.

7.5CVSS8AI score0.01202EPSS
CVE
CVE
added 2020/03/12 1:15 p.m.166 views

CVE-2020-10109

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.

9.8CVSS9.2AI score0.02798EPSS
CVE
CVE
added 2020/06/17 4:15 p.m.166 views

CVE-2020-14405

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.

6.5CVSS6.7AI score0.01137EPSS
CVE
CVE
added 2019/01/31 9:29 a.m.165 views

CVE-2017-18360

In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.

5.5CVSS5.5AI score0.00082EPSS
CVE
CVE
added 2018/09/13 4:29 p.m.165 views

CVE-2018-17000

A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.

6.5CVSS6.8AI score0.0078EPSS
CVE
CVE
added 2018/12/13 7:29 p.m.165 views

CVE-2018-19364

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.

5.5CVSS5.7AI score0.0005EPSS
CVE
CVE
added 2015/03/09 2:59 p.m.164 views

CVE-2015-0254

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) or (2) JSTL XML tag.

7.5CVSS8.1AI score0.09152EPSS
CVE
CVE
added 2016/03/09 3:59 p.m.164 views

CVE-2016-2774

ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.

7.1CVSS5.7AI score0.69959EPSS
CVE
CVE
added 2017/10/24 8:29 p.m.164 views

CVE-2017-15873

The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.

5.5CVSS7AI score0.00112EPSS
CVE
CVE
added 2018/05/18 7:29 p.m.164 views

CVE-2017-18273

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.

7.1CVSS7.1AI score0.00208EPSS
CVE
CVE
added 2018/05/07 7:29 a.m.164 views

CVE-2018-10779

TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.

6.5CVSS7.4AI score0.00255EPSS
CVE
CVE
added 2018/06/09 11:29 a.m.164 views

CVE-2018-12085

Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.

8.8CVSS7.8AI score0.00403EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.164 views

CVE-2018-12377

A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird

9.8CVSS6.4AI score0.02021EPSS
CVE
CVE
added 2018/07/27 4:29 a.m.164 views

CVE-2018-14609

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized.

7.1CVSS5.8AI score0.00272EPSS
CVE
CVE
added 2018/08/27 5:29 p.m.164 views

CVE-2018-15908

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.

7.8CVSS6.6AI score0.00334EPSS
CVE
CVE
added 2018/12/19 4:29 p.m.164 views

CVE-2018-20021

LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM

7.8CVSS8.2AI score0.02642EPSS
CVE
CVE
added 2018/03/09 3:29 p.m.164 views

CVE-2018-7995

Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck dir...

4.7CVSS5.7AI score0.00032EPSS
CVE
CVE
added 2018/05/24 4:29 p.m.164 views

CVE-2018-8013

In Apache Batik 1.x before 1.10, when deserializing subclass of AbstractDocument, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deserialization.

9.8CVSS8.6AI score0.00723EPSS
CVE
CVE
added 2019/12/01 10:15 p.m.164 views

CVE-2019-18609

An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than ne...

9.8CVSS9.4AI score0.02256EPSS
CVE
CVE
added 2015/08/31 10:59 a.m.163 views

CVE-2015-5364

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.

7.8CVSS5.7AI score0.21228EPSS
CVE
CVE
added 2017/12/20 9:29 a.m.163 views

CVE-2017-17785

In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

7.8CVSS7.6AI score0.00366EPSS
CVE
CVE
added 2017/03/23 4:59 p.m.163 views

CVE-2017-5897

The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.

9.8CVSS8.3AI score0.01998EPSS
CVE
CVE
added 2018/05/01 4:29 p.m.163 views

CVE-2018-10583

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt X...

7.5CVSS6.4AI score0.63278EPSS
CVE
CVE
added 2018/07/27 6:29 p.m.163 views

CVE-2018-10882

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.

5.5CVSS5.9AI score0.00075EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.163 views

CVE-2018-12376

Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbi...

9.8CVSS7.2AI score0.02021EPSS
CVE
CVE
added 2018/11/23 5:29 a.m.163 views

CVE-2018-19476

psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.

7.8CVSS6.6AI score0.00853EPSS
CVE
CVE
added 2017/12/20 9:29 a.m.162 views

CVE-2017-17784

In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.

7.8CVSS7.4AI score0.0039EPSS
CVE
CVE
added 2018/05/10 2:29 a.m.162 views

CVE-2018-10963

The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.

6.5CVSS7AI score0.00846EPSS
CVE
CVE
added 2018/04/11 7:29 p.m.162 views

CVE-2018-1100

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

7.8CVSS7.9AI score0.00188EPSS
CVE
CVE
added 2018/05/31 12:29 a.m.162 views

CVE-2018-11577

Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.

8.8CVSS8.4AI score0.00338EPSS
CVE
CVE
added 2018/06/13 11:29 a.m.162 views

CVE-2018-12264

Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.

8.8CVSS7AI score0.00882EPSS
CVE
CVE
added 2018/06/13 11:29 a.m.162 views

CVE-2018-12265

Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.

8.8CVSS7.2AI score0.00882EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.162 views

CVE-2018-12389

Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 6...

8.8CVSS8.4AI score0.01167EPSS
CVE
CVE
added 2018/07/20 12:29 a.m.162 views

CVE-2018-14436

ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.

6.5CVSS7.5AI score0.00114EPSS
Total number of security vulnerabilities2153