Lucene search

K
CanonicalUbuntu Linux16.04

2225 matches found

CVE
CVE
added 2019/11/25 12:15 p.m.398 views

CVE-2019-14822

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using...

7.1CVSS6.7AI score0.00096EPSS
CVE
CVE
added 2020/01/28 1:15 a.m.398 views

CVE-2020-0549

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS5.6AI score0.00122EPSS
CVE
CVE
added 2020/10/07 3:15 p.m.398 views

CVE-2020-14355

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...

6.6CVSS7.2AI score0.0185EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.398 views

CVE-2020-14556

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple p...

5.8CVSS4.9AI score0.00472EPSS
CVE
CVE
added 2017/08/07 5:29 p.m.397 views

CVE-2011-5325

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.

7.5CVSS8.2AI score0.0551EPSS
CVE
CVE
added 2018/04/29 9:29 p.m.397 views

CVE-2018-10546

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.

7.5CVSS6.8AI score0.58915EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.397 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

6.5CVSS7.1AI score0.00377EPSS
CVE
CVE
added 2016/10/03 6:59 p.m.396 views

CVE-2016-7401

The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.

7.5CVSS7.5AI score0.06628EPSS
CVE
CVE
added 2018/11/28 2:29 p.m.396 views

CVE-2018-16841

Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal...

6.5CVSS6.6AI score0.06788EPSS
CVE
CVE
added 2020/08/21 9:15 p.m.396 views

CVE-2020-8624

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of th...

4.3CVSS6.1AI score0.00206EPSS
CVE
CVE
added 2019/07/11 7:15 p.m.395 views

CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking...

5.9CVSS7AI score0.18267EPSS
CVE
CVE
added 2017/05/23 4:29 a.m.394 views

CVE-2016-9842

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

8.8CVSS9.5AI score0.10907EPSS
CVE
CVE
added 2018/08/22 5:29 p.m.392 views

CVE-2018-10919

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are v...

6.5CVSS6.7AI score0.02821EPSS
CVE
CVE
added 2020/06/08 5:15 p.m.392 views

CVE-2020-12049

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket...

5.5CVSS5.4AI score0.00022EPSS
CVE
CVE
added 2019/03/21 4:0 p.m.389 views

CVE-2018-20669

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resultin...

7.8CVSS7.2AI score0.00098EPSS
CVE
CVE
added 2017/02/09 3:59 p.m.388 views

CVE-2016-2148

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.

9.8CVSS9.6AI score0.15842EPSS
CVE
CVE
added 2018/12/11 4:29 p.m.388 views

CVE-2018-18356

An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.02245EPSS
CVE
CVE
added 2019/04/22 10:29 p.m.388 views

CVE-2019-11459

The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.

5.5CVSS5.5AI score0.00451EPSS
CVE
CVE
added 2019/01/11 9:29 p.m.387 views

CVE-2018-16865

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-jo...

7.8CVSS7.8AI score0.02073EPSS
CVE
CVE
added 2019/04/07 12:29 a.m.385 views

CVE-2019-10906

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

8.6CVSS8.4AI score0.02696EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.385 views

CVE-2019-19068

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.

4.9CVSS6.1AI score0.00094EPSS
CVE
CVE
added 2019/12/10 11:15 p.m.384 views

CVE-2019-14861

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permis...

5.3CVSS5.3AI score0.0268EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.384 views

CVE-2019-15220

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

4.9CVSS6AI score0.00088EPSS
CVE
CVE
added 2019/08/25 4:15 p.m.384 views

CVE-2019-15538

An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a...

7.8CVSS7.9AI score0.13455EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.384 views

CVE-2019-19063

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

4.9CVSS6.5AI score0.00075EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.384 views

CVE-2020-12769

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

5.5CVSS5.7AI score0.00063EPSS
CVE
CVE
added 2018/06/12 1:29 p.m.383 views

CVE-2018-0732

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This...

7.5CVSS7.7AI score0.81092EPSS
CVE
CVE
added 2020/01/08 10:15 p.m.383 views

CVE-2019-17023

After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72.

6.5CVSS6.9AI score0.00166EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.383 views

CVE-2019-19060

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.

7.8CVSS7.5AI score0.00527EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.383 views

CVE-2019-2481

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...

4.9CVSS4.8AI score0.00069EPSS
CVE
CVE
added 2018/01/16 9:29 a.m.382 views

CVE-2018-5712

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

6.1CVSS7.1AI score0.89192EPSS
CVE
CVE
added 2018/06/26 4:29 p.m.381 views

CVE-2018-1000517

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixe...

9.8CVSS9.4AI score0.39905EPSS
CVE
CVE
added 2016/06/07 2:6 p.m.380 views

CVE-2016-4450

os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file.

7.5CVSS7AI score0.02992EPSS
CVE
CVE
added 2018/08/09 8:29 p.m.380 views

CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side co...

8.5CVSS7.3AI score0.01557EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.380 views

CVE-2019-19045

A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.

4.9CVSS5.8AI score0.00053EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.378 views

CVE-2019-18808

A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.

5.5CVSS6.1AI score0.00019EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.378 views

CVE-2019-2975

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

5.8CVSS4.8AI score0.0028EPSS
CVE
CVE
added 2020/05/21 4:15 p.m.378 views

CVE-2020-13112

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

9.1CVSS6.8AI score0.00766EPSS
CVE
CVE
added 2019/01/11 8:29 p.m.377 views

CVE-2018-16864

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versi...

7.8CVSS6.2AI score0.00199EPSS
CVE
CVE
added 2019/09/25 3:15 p.m.377 views

CVE-2019-13627

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.

6.3CVSS6.3AI score0.00037EPSS
CVE
CVE
added 2020/05/18 6:15 p.m.376 views

CVE-2020-13143

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

6.5CVSS6.5AI score0.01742EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.375 views

CVE-2018-3081

Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...

5CVSS5.2AI score0.00102EPSS
CVE
CVE
added 2019/08/16 12:15 a.m.374 views

CVE-2019-15090

An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.

6.7CVSS7.1AI score0.00094EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.374 views

CVE-2019-18679

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information red...

7.5CVSS8.5AI score0.68491EPSS
CVE
CVE
added 2020/05/08 3:15 p.m.374 views

CVE-2020-10690

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying devi...

6.5CVSS6.5AI score0.00024EPSS
CVE
CVE
added 2020/07/06 6:15 p.m.374 views

CVE-2020-14303

A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.

7.5CVSS7.2AI score0.1872EPSS
CVE
CVE
added 2018/12/18 10:29 p.m.372 views

CVE-2018-16884

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption an...

8CVSS7.8AI score0.00078EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.372 views

CVE-2018-3133

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mul...

6.5CVSS6.3AI score0.00399EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.371 views

CVE-2019-2422

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to co...

3.1CVSS2.4AI score0.00128EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.371 views

CVE-2020-12767

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.

5.5CVSS6.6AI score0.00156EPSS
Total number of security vulnerabilities2225