Lucene search

K
CanonicalUbuntu Linux18.04

1817 matches found

CVE
CVE
added 2018/06/20 6:29 p.m.181 views

CVE-2018-12600

In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.

8.8CVSS8.2AI score0.00309EPSS
CVE
CVE
added 2018/09/06 10:29 p.m.181 views

CVE-2018-16640

ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.

6.5CVSS6.3AI score0.00434EPSS
CVE
CVE
added 2018/12/28 4:29 p.m.181 views

CVE-2018-20549

There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.

8.8CVSS8.4AI score0.00828EPSS
CVE
CVE
added 2020/08/12 4:15 p.m.181 views

CVE-2020-12673

In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.

7.5CVSS7.3AI score0.01131EPSS
CVE
CVE
added 2016/06/10 3:59 p.m.180 views

CVE-2016-4429

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.

5.9CVSS6.8AI score0.016EPSS
CVE
CVE
added 2018/07/17 5:29 p.m.180 views

CVE-2018-14350

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.

9.8CVSS9.5AI score0.06747EPSS
CVE
CVE
added 2019/12/05 2:15 p.m.180 views

CVE-2019-19602

fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonst...

6.1CVSS6.7AI score0.00038EPSS
CVE
CVE
added 2019/11/13 6:15 p.m.180 views

CVE-2019-2201

In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Produc...

9.3CVSS7.9AI score0.01526EPSS
CVE
CVE
added 2018/09/17 2:29 p.m.179 views

CVE-2017-15705

A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we setup an object and ho...

5.3CVSS5.9AI score0.01839EPSS
CVE
CVE
added 2018/12/20 5:29 p.m.179 views

CVE-2018-1000878

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to b...

8.8CVSS8.4AI score0.01757EPSS
CVE
CVE
added 2018/04/18 9:29 p.m.179 views

CVE-2018-10194

The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other imp...

7.8CVSS7.2AI score0.00286EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.179 views

CVE-2018-3070

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols ...

6.5CVSS5.1AI score0.00884EPSS
CVE
CVE
added 2020/05/19 7:15 p.m.179 views

CVE-2020-10724

A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read.

5.1CVSS5.7AI score0.00088EPSS
CVE
CVE
added 2018/07/03 10:29 a.m.178 views

CVE-2018-13099

An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.

5.5CVSS5.8AI score0.0076EPSS
CVE
CVE
added 2018/10/22 4:29 p.m.178 views

CVE-2018-18557

LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JB...

8.8CVSS8.5AI score0.33023EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.178 views

CVE-2018-4180

In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.

7.8CVSS4.8AI score0.00144EPSS
CVE
CVE
added 2018/03/08 8:29 p.m.178 views

CVE-2018-7183

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.

9.8CVSS7.9AI score0.14768EPSS
CVE
CVE
added 2020/04/15 8:15 p.m.178 views

CVE-2019-12520

An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (usern...

7.5CVSS8.3AI score0.06184EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.178 views

CVE-2020-11759

An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.

5.5CVSS6.1AI score0.00718EPSS
CVE
CVE
added 2020/06/29 8:15 p.m.178 views

CVE-2020-4067

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the p...

7.5CVSS7AI score0.00926EPSS
CVE
CVE
added 2018/08/24 7:29 p.m.177 views

CVE-2018-14598

An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).

7.5CVSS8.2AI score0.01126EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.177 views

CVE-2018-4181

In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.

5.5CVSS4.8AI score0.00117EPSS
CVE
CVE
added 2019/04/08 7:29 p.m.177 views

CVE-2019-11008

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

8.8CVSS7.7AI score0.01774EPSS
CVE
CVE
added 2018/11/23 5:29 a.m.176 views

CVE-2018-19475

psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.

7.8CVSS6.6AI score0.71783EPSS
CVE
CVE
added 2018/05/10 3:29 p.m.174 views

CVE-2017-18267

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.

5.5CVSS5.7AI score0.00451EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.174 views

CVE-2018-12390

Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Fir...

9.8CVSS8.3AI score0.06392EPSS
CVE
CVE
added 2018/07/17 5:29 p.m.174 views

CVE-2018-14358

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.

9.8CVSS9.5AI score0.03857EPSS
CVE
CVE
added 2018/12/19 4:29 p.m.174 views

CVE-2018-15127

LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution

9.8CVSS9.8AI score0.1561EPSS
CVE
CVE
added 2018/09/09 3:29 p.m.174 views

CVE-2018-16749

In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.

6.5CVSS6.6AI score0.00241EPSS
CVE
CVE
added 2018/01/19 8:29 a.m.174 views

CVE-2018-5785

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

6.5CVSS6.4AI score0.00779EPSS
CVE
CVE
added 2019/11/28 12:15 a.m.174 views

CVE-2019-19318

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

4.4CVSS6AI score0.0036EPSS
CVE
CVE
added 2018/08/22 1:29 p.m.173 views

CVE-2018-10846

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets.

5.6CVSS5.5AI score0.00025EPSS
CVE
CVE
added 2018/06/20 6:29 p.m.173 views

CVE-2018-12599

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

8.8CVSS8.2AI score0.00309EPSS
CVE
CVE
added 2018/08/27 5:29 p.m.173 views

CVE-2018-15910

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.

7.8CVSS6.7AI score0.04114EPSS
CVE
CVE
added 2018/11/29 6:29 p.m.173 views

CVE-2018-8788

FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.

9.8CVSS9.7AI score0.0829EPSS
CVE
CVE
added 2019/05/23 12:29 p.m.173 views

CVE-2019-12295

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.

7.5CVSS7.2AI score0.01969EPSS
CVE
CVE
added 2020/08/31 3:15 p.m.173 views

CVE-2020-12829

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_op...

3.8CVSS5.1AI score0.00034EPSS
CVE
CVE
added 2020/06/04 4:15 p.m.173 views

CVE-2020-13800

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.

6CVSS5.6AI score0.00114EPSS
CVE
CVE
added 2020/06/22 10:15 p.m.173 views

CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.

4.3CVSS5.3AI score0.00405EPSS
CVE
CVE
added 2018/08/23 11:29 p.m.172 views

CVE-2018-15822

The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.

7.5CVSS7.5AI score0.0162EPSS
CVE
CVE
added 2018/08/31 4:29 p.m.172 views

CVE-2018-16276

An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.

7.8CVSS7.3AI score0.0008EPSS
CVE
CVE
added 2018/03/13 6:29 a.m.172 views

CVE-2018-8087

Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.

5.5CVSS5.2AI score0.00031EPSS
CVE
CVE
added 2019/04/19 12:29 a.m.172 views

CVE-2019-11338

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.

8.8CVSS8.9AI score0.01319EPSS
CVE
CVE
added 2019/10/10 5:15 p.m.172 views

CVE-2019-17451

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.

6.5CVSS6.7AI score0.00622EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.172 views

CVE-2019-19055

A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of...

5.5CVSS6.5AI score0.00097EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.172 views

CVE-2019-6215

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.1AI score0.4241EPSS
CVE
CVE
added 2020/06/22 10:15 p.m.172 views

CVE-2020-4031

In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.

7.5CVSS5.3AI score0.0037EPSS
CVE
CVE
added 2018/07/03 10:29 a.m.171 views

CVE-2018-13096

An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.

5.5CVSS5.6AI score0.00588EPSS
CVE
CVE
added 2018/09/09 3:29 p.m.171 views

CVE-2018-16750

In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.

6.5CVSS6.7AI score0.00132EPSS
CVE
CVE
added 2018/11/23 5:29 a.m.171 views

CVE-2018-19477

psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.

7.8CVSS6.6AI score0.00853EPSS
Total number of security vulnerabilities1817