Lucene search

K
CanonicalUbuntu Linux16.04

2225 matches found

CVE
CVE
added 2018/08/01 6:29 p.m.479 views

CVE-2018-8034

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.

7.5CVSS7.6AI score0.13373EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.477 views

CVE-2019-2739

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructu...

5.1CVSS5.4AI score0.00027EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.477 views

CVE-2019-9515

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalen...

7.8CVSS7.7AI score0.04513EPSS
CVE
CVE
added 2018/06/18 2:29 p.m.476 views

CVE-2018-1060

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

7.5CVSS7.4AI score0.01284EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.476 views

CVE-2019-2455

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

6.5CVSS6.2AI score0.00222EPSS
CVE
CVE
added 2020/01/08 8:15 p.m.475 views

CVE-2019-11745

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR <...

8.8CVSS8.7AI score0.00631EPSS
CVE
CVE
added 2020/04/22 8:15 p.m.474 views

CVE-2020-1983

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.

7.5CVSS7AI score0.00141EPSS
CVE
CVE
added 2019/04/10 8:29 p.m.473 views

CVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

9.8CVSS9.4AI score0.01109EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.473 views

CVE-2019-2627

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multip...

4.9CVSS4.8AI score0.00143EPSS
CVE
CVE
added 2019/10/18 9:15 p.m.472 views

CVE-2019-18197

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be discl...

7.5CVSS7.6AI score0.01875EPSS
CVE
CVE
added 2019/01/11 2:29 p.m.470 views

CVE-2019-6133

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

6.7CVSS6.2AI score0.00023EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.468 views

CVE-2019-2628

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS4.7AI score0.0012EPSS
CVE
CVE
added 2018/10/30 12:29 p.m.464 views

CVE-2018-0734

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0....

5.9CVSS5.9AI score0.06051EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.464 views

CVE-2019-2805

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

6.5CVSS6.3AI score0.00417EPSS
CVE
CVE
added 2019/05/10 10:29 p.m.463 views

CVE-2019-11884

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.

3.3CVSS5.6AI score0.0006EPSS
CVE
CVE
added 2019/06/24 5:15 p.m.462 views

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

7.8CVSS7.5AI score0.05817EPSS
CVE
CVE
added 2019/06/27 5:15 p.m.462 views

CVE-2019-5827

Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.03364EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.461 views

CVE-2018-10548

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.

7.5CVSS6.2AI score0.65467EPSS
CVE
CVE
added 2018/10/29 1:29 p.m.459 views

CVE-2018-0735

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).

5.9CVSS5.7AI score0.07042EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.458 views

CVE-2018-3282

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network acce...

4.9CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2019/04/23 10:29 p.m.456 views

CVE-2019-11487

The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/h...

7.8CVSS8AI score0.00057EPSS
CVE
CVE
added 2019/05/07 2:29 p.m.455 views

CVE-2018-20836

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

9.3CVSS7.5AI score0.03858EPSS
CVE
CVE
added 2018/03/01 7:29 p.m.455 views

CVE-2018-7584

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.

9.8CVSS8AI score0.81512EPSS
CVE
CVE
added 2019/07/15 3:15 p.m.455 views

CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f08413...

5.5CVSS5.5AI score0.00465EPSS
CVE
CVE
added 2019/09/12 8:15 p.m.454 views

CVE-2019-16275

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a cra...

6.5CVSS6.3AI score0.00737EPSS
CVE
CVE
added 2020/08/24 6:15 p.m.454 views

CVE-2020-24606

Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestH...

8.6CVSS7.3AI score0.06342EPSS
CVE
CVE
added 2019/05/07 2:29 p.m.452 views

CVE-2019-11810

An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.

7.8CVSS7.2AI score0.01451EPSS
CVE
CVE
added 2020/08/21 9:15 p.m.452 views

CVE-2020-8623

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be ...

7.5CVSS7.6AI score0.02727EPSS
CVE
CVE
added 2019/08/14 5:15 p.m.451 views

CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary cipher...

8.1CVSS8.4AI score0.02341EPSS
CVE
CVE
added 2019/12/10 11:15 p.m.450 views

CVE-2019-14870

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authen...

6.4CVSS5.7AI score0.02946EPSS
CVE
CVE
added 2017/11/27 10:29 p.m.448 views

CVE-2017-15275

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

7.5CVSS8.4AI score0.43467EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.448 views

CVE-2019-2510

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server....

4.9CVSS4.9AI score0.00108EPSS
CVE
CVE
added 2018/10/29 12:29 p.m.446 views

CVE-2018-18751

An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.

9.8CVSS9.2AI score0.01298EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.446 views

CVE-2018-3064

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to comprom...

7.1CVSS6.7AI score0.0021EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.446 views

CVE-2019-2698

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of ...

8.1CVSS7.7AI score0.03661EPSS
CVE
CVE
added 2020/06/09 1:15 p.m.446 views

CVE-2020-10757

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

7.8CVSS7.5AI score0.00601EPSS
CVE
CVE
added 2020/09/15 8:15 p.m.446 views

CVE-2020-14314

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system a...

5.5CVSS5.9AI score0.00012EPSS
CVE
CVE
added 2019/05/23 8:29 p.m.445 views

CVE-2019-5798

Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

6.5CVSS6.6AI score0.0085EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.444 views

CVE-2018-3174

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infra...

5.3CVSS6.1AI score0.00029EPSS
CVE
CVE
added 2021/03/07 5:15 a.m.443 views

CVE-2021-27364

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

7.1CVSS7AI score0.00041EPSS
CVE
CVE
added 2020/05/01 7:15 p.m.442 views

CVE-2020-10683

dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

9.8CVSS9.2AI score0.02147EPSS
CVE
CVE
added 2019/04/18 5:29 p.m.441 views

CVE-2019-11034

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.

9.1CVSS7AI score0.03311EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.440 views

CVE-2019-2737

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr...

4.9CVSS5AI score0.00169EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.440 views

CVE-2020-14550

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise ...

5.3CVSS5.2AI score0.00226EPSS
CVE
CVE
added 2020/02/06 1:15 a.m.440 views

CVE-2020-8648

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

7.1CVSS7AI score0.0003EPSS
CVE
CVE
added 2018/08/06 8:29 p.m.439 views

CVE-2018-5390

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

7.8CVSS7.5AI score0.19919EPSS
CVE
CVE
added 2018/05/08 6:29 p.m.439 views

CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated...

7.8CVSS6.8AI score0.21337EPSS
CVE
CVE
added 2020/04/28 7:15 p.m.439 views

CVE-2020-12243

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

7.5CVSS7.4AI score0.05011EPSS
CVE
CVE
added 2018/11/16 6:29 p.m.438 views

CVE-2018-16395

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one char...

9.8CVSS7.2AI score0.07275EPSS
CVE
CVE
added 2019/03/21 4:1 p.m.435 views

CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

7.8CVSS7.5AI score0.00128EPSS
Total number of security vulnerabilities2225