Lucene search

K
CanonicalUbuntu Linux16.04

2225 matches found

CVE
CVE
added 2020/11/07 4:15 a.m.95 views

CVE-2020-16122

PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages.

8.2CVSS7.5AI score0.0008EPSS
CVE
CVE
added 2018/02/27 10:29 p.m.94 views

CVE-2014-10071

In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.

9.8CVSS7.4AI score0.00275EPSS
CVE
CVE
added 2017/02/23 8:59 p.m.94 views

CVE-2016-10109

Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.

7.5CVSS7.2AI score0.05515EPSS
CVE
CVE
added 2016/06/13 10:59 a.m.94 views

CVE-2016-2831

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.

8.8CVSS8AI score0.00775EPSS
CVE
CVE
added 2018/05/08 5:29 p.m.94 views

CVE-2017-2592

python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component e...

5.9CVSS4.8AI score0.00095EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.94 views

CVE-2017-7829

It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird

5.3CVSS6.1AI score0.01565EPSS
CVE
CVE
added 2018/09/19 4:29 p.m.94 views

CVE-2018-17206

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.

4.9CVSS5.3AI score0.02157EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.94 views

CVE-2018-18495

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. T...

6.5CVSS6.8AI score0.00725EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.94 views

CVE-2019-2910

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compr...

4.3CVSS3.3AI score0.00312EPSS
CVE
CVE
added 2016/06/13 10:59 a.m.93 views

CVE-2016-2815

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

8.8CVSS9.2AI score0.00379EPSS
CVE
CVE
added 2017/02/01 3:59 p.m.93 views

CVE-2016-9963

Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.

5.9CVSS4.8AI score0.01678EPSS
CVE
CVE
added 2017/08/23 6:29 a.m.93 views

CVE-2017-13139

In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.

9.8CVSS9.1AI score0.00953EPSS
CVE
CVE
added 2018/01/12 12:29 a.m.93 views

CVE-2018-5345

A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.

7.8CVSS7.7AI score0.00752EPSS
CVE
CVE
added 2019/07/31 11:15 p.m.93 views

CVE-2019-14464

XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow.

5.5CVSS5.5AI score0.00305EPSS
CVE
CVE
added 2016/09/20 2:15 p.m.92 views

CVE-2015-8920

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

5.5CVSS5.8AI score0.00495EPSS
CVE
CVE
added 2016/09/20 2:15 p.m.92 views

CVE-2015-8928

The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

5.5CVSS6.2AI score0.00295EPSS
CVE
CVE
added 2016/06/16 6:59 p.m.92 views

CVE-2016-2392

The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors inv...

6.5CVSS6.3AI score0.00086EPSS
CVE
CVE
added 2016/05/05 6:59 p.m.92 views

CVE-2016-4008

The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.

5.9CVSS5.4AI score0.04246EPSS
CVE
CVE
added 2016/09/07 6:59 p.m.92 views

CVE-2016-6855

Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.

7.5CVSS7.1AI score0.0255EPSS
CVE
CVE
added 2016/09/27 3:59 p.m.92 views

CVE-2016-7045

The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string.

7.5CVSS7.4AI score0.01934EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.92 views

CVE-2017-16910

An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.

6.5CVSS6.2AI score0.00489EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.92 views

CVE-2018-18497

Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vuln...

6.5CVSS6.6AI score0.00986EPSS
CVE
CVE
added 2018/11/07 4:29 p.m.92 views

CVE-2018-19060

An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.

6.5CVSS6.3AI score0.0015EPSS
CVE
CVE
added 2018/02/19 1:29 p.m.92 views

CVE-2018-5381

The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAF...

7.5CVSS8.1AI score0.10093EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.92 views

CVE-2018-5802

An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

8.8CVSS8.2AI score0.00705EPSS
CVE
CVE
added 2018/02/15 8:29 p.m.92 views

CVE-2018-7052

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur.

7.5CVSS8.2AI score0.01142EPSS
CVE
CVE
added 2018/02/15 8:29 p.m.92 views

CVE-2018-7054

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191.

9.8CVSS9.4AI score0.01646EPSS
CVE
CVE
added 2018/02/27 10:29 p.m.92 views

CVE-2018-7549

In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.

7.5CVSS7.1AI score0.00276EPSS
CVE
CVE
added 2019/02/15 11:29 p.m.92 views

CVE-2019-8354

An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.

5CVSS5.2AI score0.00281EPSS
CVE
CVE
added 2018/10/15 7:29 p.m.91 views

CVE-2017-5934

Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1CVSS5.8AI score0.00691EPSS
CVE
CVE
added 2018/03/13 3:29 p.m.91 views

CVE-2018-1000085

ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnera...

5.5CVSS6.2AI score0.00902EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.91 views

CVE-2018-5177

A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox

7.5CVSS6.5AI score0.00331EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.91 views

CVE-2018-5182

If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This vulnerability affects Fi...

7.5CVSS6AI score0.00964EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.91 views

CVE-2018-5186

Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox

9.8CVSS8.9AI score0.02235EPSS
CVE
CVE
added 2019/11/06 3:15 a.m.91 views

CVE-2019-18786

In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.

5.5CVSS5.7AI score0.00115EPSS
CVE
CVE
added 2020/08/27 4:15 p.m.91 views

CVE-2020-14415

oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.

3.3CVSS4AI score0.00101EPSS
CVE
CVE
added 2017/07/17 1:18 p.m.90 views

CVE-2017-11352

In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.

6.5CVSS7.4AI score0.00979EPSS
CVE
CVE
added 2019/02/05 9:29 p.m.90 views

CVE-2018-18502

Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox

10CVSS6.4AI score0.05242EPSS
CVE
CVE
added 2019/02/05 9:29 p.m.90 views

CVE-2018-18504

A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affects Firefox

9.8CVSS5.3AI score0.03653EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.90 views

CVE-2018-4101

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers ...

8.8CVSS8.7AI score0.00579EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.90 views

CVE-2018-4120

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers ...

8.8CVSS8.7AI score0.00579EPSS
CVE
CVE
added 2018/08/25 9:29 p.m.89 views

CVE-2018-15863

Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.

5.5CVSS5.9AI score0.00059EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.89 views

CVE-2018-5167

The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display "...

4.3CVSS5.5AI score0.00789EPSS
CVE
CVE
added 2018/03/06 5:29 p.m.89 views

CVE-2018-7725

An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service.

6.5CVSS5.5AI score0.00348EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.88 views

CVE-2014-9847

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.

9.8CVSS6.7AI score0.03463EPSS
CVE
CVE
added 2016/09/20 2:15 p.m.88 views

CVE-2015-8931

Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.

7.8CVSS8AI score0.00299EPSS
CVE
CVE
added 2016/05/10 7:59 p.m.88 views

CVE-2016-4554

mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.

8.6CVSS8.2AI score0.73388EPSS
CVE
CVE
added 2017/09/20 5:29 p.m.88 views

CVE-2017-14607

In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

8.1CVSS7AI score0.01676EPSS
CVE
CVE
added 2017/11/05 10:29 p.m.88 views

CVE-2017-16546

The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malfor...

8.8CVSS9.2AI score0.00594EPSS
CVE
CVE
added 2017/07/25 2:29 p.m.88 views

CVE-2017-7980

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.

7.8CVSS7.2AI score0.00166EPSS
Total number of security vulnerabilities2225