Lucene search

K
CanonicalUbuntu Linux16.04

2225 matches found

CVE
CVE
added 2018/05/31 4:29 p.m.54 views

CVE-2018-11625

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

8.8CVSS8.1AI score0.00193EPSS
CVE
CVE
added 2019/02/06 11:29 p.m.54 views

CVE-2018-20761

GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.

7.8CVSS7.5AI score0.00251EPSS
CVE
CVE
added 2016/06/30 5:59 p.m.53 views

CVE-2016-5360

HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.

7.5CVSS7.9AI score0.46077EPSS
CVE
CVE
added 2017/09/18 1:29 a.m.53 views

CVE-2017-14533

ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.

6.5CVSS7AI score0.00467EPSS
CVE
CVE
added 2018/06/01 3:29 p.m.53 views

CVE-2018-11655

In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.

6.5CVSS6.5AI score0.00253EPSS
CVE
CVE
added 2018/01/12 9:29 a.m.53 views

CVE-2018-5358

ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.

6.5CVSS6.9AI score0.00406EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.52 views

CVE-2017-15217

ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

6.5CVSS7AI score0.00534EPSS
CVE
CVE
added 2017/04/12 10:59 p.m.52 views

CVE-2017-5936

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.

7.5CVSS7.5AI score0.02467EPSS
CVE
CVE
added 2018/03/06 6:29 p.m.52 views

CVE-2018-7731

An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class.

5.5CVSS6AI score0.00478EPSS
CVE
CVE
added 2016/06/09 4:59 p.m.51 views

CVE-2016-1582

LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users to access arbitrary world readable paths in the container directory via unspecified vectors.

5.5CVSS5.2AI score0.0004EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.51 views

CVE-2018-5807

An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

8.8CVSS7AI score0.00491EPSS
CVE
CVE
added 2018/03/28 8:29 p.m.51 views

CVE-2018-8885

screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call.

7CVSS6.5AI score0.0004EPSS
CVE
CVE
added 2018/02/02 2:29 p.m.50 views

CVE-2017-14180

Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than ...

7.8CVSS7.5AI score0.00052EPSS
CVE
CVE
added 2016/06/13 7:59 p.m.49 views

CVE-2016-4574

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.

7.5CVSS7.3AI score0.0109EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.49 views

CVE-2018-5812

An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.

6.5CVSS6.3AI score0.00514EPSS
CVE
CVE
added 2017/06/22 3:29 p.m.48 views

CVE-2017-9815

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

6.5CVSS6.2AI score0.00498EPSS
CVE
CVE
added 2016/05/13 2:59 p.m.47 views

CVE-2016-1578

Use-after-free vulnerability in Oxide allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to responding synchronously to permission requests.

9.8CVSS9.6AI score0.02417EPSS
CVE
CVE
added 2018/02/02 2:29 p.m.45 views

CVE-2017-14179

Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers.

7.8CVSS7.5AI score0.00034EPSS
CVE
CVE
added 2018/03/06 5:29 p.m.45 views

CVE-2018-1000100

GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This attack appear to be exploitable via an attacker supplied MP4 file that when run by the victim may r...

7.8CVSS7.4AI score0.00213EPSS
CVE
CVE
added 2019/07/31 2:15 a.m.45 views

CVE-2019-14452

Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.

7.5CVSS7.3AI score0.02739EPSS
CVE
CVE
added 2016/07/22 2:59 p.m.44 views

CVE-2015-8946

ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.

3.3CVSS3.2AI score0.00133EPSS
CVE
CVE
added 2016/09/26 3:59 p.m.43 views

CVE-2016-7162

The _g_file_remove_directory function in file-utils.c in File Roller 3.5.4 through 3.20.2 allows remote attackers to delete arbitrary files via a symlink attack on a folder in an archive.

7.5CVSS7.2AI score0.01151EPSS
CVE
CVE
added 2018/08/06 8:29 p.m.38 views

CVE-2018-7073

A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24.

5.5CVSS5.4AI score0.00727EPSS
CVE
CVE
added 2018/09/07 2:29 p.m.36 views

CVE-2018-0644

Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-client2) 1:1.4.9+p41-u4jma1 and earlier, Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 5.0.0 (panda-client2) 1:2.0.0+p48-u4jma1 and earlier, and Ubuntu16.04 ORCA (Online Receipt Computer Advantage) 5.0.0 (pa...

6.5CVSS6.3AI score0.00516EPSS
CVE
CVE
added 2016/10/03 6:59 p.m.24 views

CVE-2016-1372

ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.

5.5CVSS5.8AI score0.04076EPSS
Total number of security vulnerabilities2225