Lucene search

K
CanonicalUbuntu Linux15.04

260 matches found

CVE
CVE
added 2017/08/25 6:29 p.m.49 views

CVE-2015-1324

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privi...

7.8CVSS7.6AI score0.00109EPSS
CVE
CVE
added 2017/09/20 4:29 p.m.49 views

CVE-2015-1329

Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15.04 and 14.04 LTS might allow remote attackers to execute arbitrary code.

9.3CVSS9.5AI score0.02247EPSS
CVE
CVE
added 2015/12/07 8:59 p.m.48 views

CVE-2015-1344

The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions, which allows local users to gain privileges by writing a pid to the tasks file.

7.2CVSS6.5AI score0.00037EPSS
CVE
CVE
added 2017/02/13 6:59 p.m.47 views

CVE-2015-8768

click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote attackers to install an alternate security policy and gain privileges via a crafted package, as demonstrated by the test.mmrow app for Ubuntu phone.

9.8CVSS9.3AI score0.0159EPSS
CVE
CVE
added 2015/11/24 8:59 p.m.46 views

CVE-2015-7869

Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to obtain sensitive in...

6.6CVSS6.8AI score0.00057EPSS
CVE
CVE
added 2015/09/17 4:59 p.m.45 views

CVE-2015-1319

The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen is locked as demonstrated by inserting a USB ...

2.1CVSS6.4AI score0.00061EPSS
CVE
CVE
added 2021/04/07 8:15 p.m.44 views

CVE-2013-1054

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus d...

6.5CVSS5.2AI score0.00219EPSS
CVE
CVE
added 2015/10/09 2:59 p.m.44 views

CVE-2015-1337

Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.

6.8CVSS7.1AI score0.00334EPSS
CVE
CVE
added 2021/04/07 8:15 p.m.42 views

CVE-2013-1055

The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was hi...

4.3CVSS4.4AI score0.00213EPSS
CVE
CVE
added 2019/04/22 4:29 p.m.35 views

CVE-2015-1327

Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transfer. This could allow a malicious application using the DBUS API to export file:///etc/passwd which w...

7.8CVSS5.7AI score0.00186EPSS
Total number of security vulnerabilities260