Lucene search

K
CanonicalUbuntu Linux16.04

2225 matches found

CVE
CVE
added 2018/06/04 6:29 a.m.157 views

CVE-2018-11685

Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.

8.8CVSS8.4AI score0.00383EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.157 views

CVE-2018-12359

A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60,...

8.8CVSS7.8AI score0.01503EPSS
CVE
CVE
added 2018/07/20 12:29 a.m.157 views

CVE-2018-14435

ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.

6.5CVSS7AI score0.00114EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.157 views

CVE-2018-2588

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with...

4.3CVSS4.2AI score0.00431EPSS
CVE
CVE
added 2018/09/04 6:29 p.m.157 views

CVE-2018-6555

The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.

7.8CVSS7.2AI score0.00029EPSS
CVE
CVE
added 2019/08/07 10:15 p.m.157 views

CVE-2019-14763

In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.

5.5CVSS6.6AI score0.0007EPSS
CVE
CVE
added 2019/08/18 7:15 p.m.157 views

CVE-2019-15145

DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.

5.5CVSS5.4AI score0.00136EPSS
CVE
CVE
added 2020/06/17 4:15 p.m.157 views

CVE-2020-14398

An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.

7.5CVSS7.3AI score0.01788EPSS
CVE
CVE
added 2018/01/02 8:29 p.m.156 views

CVE-2017-1000422

Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution

8.8CVSS8.1AI score0.01263EPSS
CVE
CVE
added 2018/04/16 2:29 p.m.156 views

CVE-2018-10124

The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.

5.5CVSS5.6AI score0.00076EPSS
CVE
CVE
added 2018/03/28 1:29 p.m.156 views

CVE-2018-1083

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned...

7.8CVSS6.7AI score0.00119EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.156 views

CVE-2018-12378

A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird

9.8CVSS6.4AI score0.02021EPSS
CVE
CVE
added 2018/07/05 2:29 a.m.156 views

CVE-2018-13153

In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.

6.5CVSS7.4AI score0.00197EPSS
CVE
CVE
added 2018/10/15 4:29 p.m.156 views

CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.

6.3CVSS6.4AI score0.00366EPSS
CVE
CVE
added 2018/12/13 7:29 p.m.156 views

CVE-2018-19489

v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.

4.7CVSS5.1AI score0.00041EPSS
CVE
CVE
added 2019/01/01 4:29 p.m.156 views

CVE-2018-20650

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.

6.5CVSS6.5AI score0.00561EPSS
CVE
CVE
added 2020/05/07 8:15 p.m.156 views

CVE-2020-11048

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0.

3.5CVSS5.4AI score0.00095EPSS
CVE
CVE
added 2018/01/03 6:29 p.m.155 views

CVE-2017-1000476

ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.

7.1CVSS7.3AI score0.00629EPSS
CVE
CVE
added 2018/08/27 5:29 p.m.155 views

CVE-2018-15909

In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.

7.8CVSS6.6AI score0.02166EPSS
CVE
CVE
added 2018/02/06 10:29 p.m.155 views

CVE-2018-6767

A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.

7.8CVSS6.8AI score0.00879EPSS
CVE
CVE
added 2018/05/18 7:29 p.m.154 views

CVE-2017-18271

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.

7.1CVSS7AI score0.00112EPSS
CVE
CVE
added 2018/05/28 4:29 a.m.154 views

CVE-2018-11506

The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demons...

7.8CVSS7.9AI score0.00083EPSS
CVE
CVE
added 2018/12/19 4:29 p.m.154 views

CVE-2018-20022

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak st...

7.5CVSS8AI score0.05439EPSS
CVE
CVE
added 2019/01/30 6:29 p.m.154 views

CVE-2018-20749

LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

9.8CVSS9.5AI score0.1561EPSS
CVE
CVE
added 2019/06/30 11:15 p.m.154 views

CVE-2019-13112

A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.

6.5CVSS6AI score0.00205EPSS
CVE
CVE
added 2018/01/23 4:29 p.m.153 views

CVE-2017-15105

A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.

5.3CVSS5.2AI score0.00682EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.153 views

CVE-2018-12360

A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR <...

8.8CVSS7.8AI score0.0064EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.153 views

CVE-2018-12363

A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects...

8.8CVSS7.7AI score0.0064EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.153 views

CVE-2018-12366

An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and ...

6.5CVSS7.2AI score0.00266EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.153 views

CVE-2018-5089

Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, a...

9.8CVSS9.9AI score0.02663EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.153 views

CVE-2018-5188

Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Thunderbird &lt...

9.8CVSS8.5AI score0.01678EPSS
CVE
CVE
added 2018/02/24 6:29 a.m.153 views

CVE-2018-7456

A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to pri...

6.5CVSS7.4AI score0.00742EPSS
CVE
CVE
added 2020/05/07 7:15 p.m.153 views

CVE-2020-11042

In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the client or store information for later retrieval. Th...

5.9CVSS6.3AI score0.00097EPSS
CVE
CVE
added 2020/08/13 3:15 a.m.153 views

CVE-2020-16298

A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5CVSS5.9AI score0.01448EPSS
CVE
CVE
added 2020/01/21 9:15 p.m.153 views

CVE-2020-7040

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fil...

9.3CVSS7.8AI score0.04123EPSS
CVE
CVE
added 2016/08/10 2:59 p.m.152 views

CVE-2016-5421

Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.

8.1CVSS7.4AI score0.01092EPSS
CVE
CVE
added 2017/08/11 2:29 a.m.152 views

CVE-2016-6796

A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.

7.5CVSS8.4AI score0.00932EPSS
CVE
CVE
added 2019/04/18 6:29 p.m.152 views

CVE-2018-16877

A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.

8.8CVSS7.4AI score0.00056EPSS
CVE
CVE
added 2018/12/19 4:29 p.m.152 views

CVE-2018-20024

LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.

7.5CVSS8.4AI score0.02823EPSS
CVE
CVE
added 2019/01/30 6:29 p.m.152 views

CVE-2018-20748

LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.

9.8CVSS9.8AI score0.17311EPSS
CVE
CVE
added 2019/01/30 6:29 p.m.152 views

CVE-2018-20750

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

9.8CVSS9.5AI score0.1561EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.152 views

CVE-2019-19071

A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.

7.8CVSS7.5AI score0.0095EPSS
CVE
CVE
added 2017/10/11 6:29 p.m.151 views

CVE-2017-0903

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

9.8CVSS9.1AI score0.04901EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.151 views

CVE-2018-12364

NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird &lt...

8.8CVSS7.5AI score0.00267EPSS
CVE
CVE
added 2018/08/28 4:29 a.m.151 views

CVE-2018-15911

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.

7.8CVSS6.7AI score0.02285EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.151 views

CVE-2018-2678

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker wit...

4.3CVSS4.3AI score0.00124EPSS
CVE
CVE
added 2019/08/18 7:15 p.m.151 views

CVE-2019-15143

In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.

5.5CVSS5.3AI score0.00045EPSS
CVE
CVE
added 2019/12/30 1:15 a.m.151 views

CVE-2019-20079

The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.

7.8CVSS7.5AI score0.00194EPSS
CVE
CVE
added 2019/04/23 4:29 p.m.151 views

CVE-2019-7303

A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 ...

7.5CVSS6.1AI score0.00838EPSS
CVE
CVE
added 2020/02/19 7:15 p.m.151 views

CVE-2020-6062

An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability.

7.5CVSS8.2AI score0.06673EPSS
Total number of security vulnerabilities2225