Lucene search

K
CanonicalUbuntu Linux18.04

1817 matches found

CVE
CVE
added 2019/11/18 6:15 a.m.110 views

CVE-2019-19069

A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.

7.8CVSS6.8AI score0.00932EPSS
CVE
CVE
added 2020/11/28 7:15 a.m.110 views

CVE-2020-29372

An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the IORING_OP_MADVISE implementation, aka CID-bc0c4d1e176e.

4.7CVSS4.5AI score0.00045EPSS
CVE
CVE
added 2018/06/01 3:29 p.m.109 views

CVE-2018-11656

In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.

6.5CVSS6.9AI score0.00187EPSS
CVE
CVE
added 2018/09/05 8:29 a.m.109 views

CVE-2018-13259

An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.

9.8CVSS8.4AI score0.01197EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.109 views

CVE-2018-3071

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attack...

4.9CVSS4.8AI score0.00456EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.109 views

CVE-2018-5157

Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8...

7.5CVSS6.1AI score0.00606EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.109 views

CVE-2018-5184

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird

7.5CVSS7.2AI score0.00789EPSS
CVE
CVE
added 2019/02/24 12:29 a.m.109 views

CVE-2019-9073

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.

5.5CVSS6.1AI score0.00284EPSS
CVE
CVE
added 2022/02/17 11:15 p.m.109 views

CVE-2021-3155

snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

5.5CVSS5.9AI score0.00035EPSS
CVE
CVE
added 2018/08/25 9:29 p.m.108 views

CVE-2018-15857

An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file.

7.8CVSS7.9AI score0.00083EPSS
CVE
CVE
added 2019/03/21 6:29 p.m.108 views

CVE-2019-9903

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.

6.5CVSS6.3AI score0.00445EPSS
CVE
CVE
added 2020/02/19 7:15 p.m.108 views

CVE-2020-6061

An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability.

9.8CVSS9AI score0.01393EPSS
CVE
CVE
added 2017/11/17 8:29 p.m.107 views

CVE-2017-16845

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.

10CVSS9.2AI score0.02074EPSS
CVE
CVE
added 2018/08/25 9:29 p.m.107 views

CVE-2018-15855

Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled.

5.5CVSS5.9AI score0.00059EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.107 views

CVE-2018-4232

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attacker...

4.3CVSS5.2AI score0.01891EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.107 views

CVE-2018-5170

It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird

4.3CVSS6.1AI score0.0117EPSS
CVE
CVE
added 2018/05/10 2:29 p.m.106 views

CVE-2017-18266

The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s in this environment ...

8.8CVSS8.2AI score0.01377EPSS
CVE
CVE
added 2019/02/18 5:29 p.m.106 views

CVE-2019-8904

do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.

8.8CVSS6.1AI score0.0051EPSS
CVE
CVE
added 2018/04/12 5:29 p.m.105 views

CVE-2018-1084

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

7.5CVSS7.5AI score0.008EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.105 views

CVE-2018-2846

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. ...

4.9CVSS5AI score0.0038EPSS
CVE
CVE
added 2019/09/11 4:15 p.m.105 views

CVE-2019-16229

drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id

4.7CVSS4.7AI score0.00012EPSS
CVE
CVE
added 2020/06/25 7:15 p.m.105 views

CVE-2020-10994

In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.

5.5CVSS6.1AI score0.00391EPSS
CVE
CVE
added 2018/05/10 2:29 a.m.104 views

CVE-2018-10958

In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.

6.5CVSS6.4AI score0.01419EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.104 views

CVE-2018-4199

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS8.7AI score0.03352EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.104 views

CVE-2018-5180

A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox

7.5CVSS6.5AI score0.03059EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.104 views

CVE-2019-2922

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to comprom...

5.3CVSS4.3AI score0.02597EPSS
CVE
CVE
added 2020/12/04 3:15 a.m.104 views

CVE-2020-27348

In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to 2.4...

6.8CVSS6.8AI score0.00078EPSS
CVE
CVE
added 2018/09/06 2:29 p.m.103 views

CVE-2018-16585

An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostS...

7.8CVSS7.3AI score0.04114EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.102 views

CVE-2018-12370

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox

8.8CVSS7.9AI score0.00392EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.102 views

CVE-2018-12403

If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox

5.3CVSS6.1AI score0.01508EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.102 views

CVE-2018-3061

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful atta...

4.9CVSS4.8AI score0.00456EPSS
CVE
CVE
added 2018/09/05 8:29 a.m.101 views

CVE-2018-0502

An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.

9.8CVSS8.3AI score0.01197EPSS
CVE
CVE
added 2018/05/28 1:29 p.m.101 views

CVE-2018-11508

The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex.

5.5CVSS4.9AI score0.01537EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.101 views

CVE-2018-12399

When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox

4.3CVSS5.5AI score0.0057EPSS
CVE
CVE
added 2018/08/25 9:29 p.m.101 views

CVE-2018-15859

Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.

5.5CVSS5.9AI score0.00068EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.101 views

CVE-2018-5151

Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox

10CVSS7.6AI score0.04615EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.101 views

CVE-2018-5173

The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, cor...

5.3CVSS6.2AI score0.00927EPSS
CVE
CVE
added 2017/12/11 2:29 a.m.100 views

CVE-2017-17499

ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.

9.8CVSS9.2AI score0.02031EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.100 views

CVE-2018-12375

Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox

8.8CVSS7.7AI score0.01995EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.100 views

CVE-2018-5162

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird

7.5CVSS7.3AI score0.00699EPSS
CVE
CVE
added 2020/04/24 12:15 a.m.100 views

CVE-2019-15793

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated in...

8.8CVSS7.2AI score0.00045EPSS
CVE
CVE
added 2020/04/22 10:15 p.m.100 views

CVE-2020-8831

Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise it will simply continue execution using the existing direct...

6.5CVSS5.8AI score0.00103EPSS
CVE
CVE
added 2018/05/12 4:29 a.m.99 views

CVE-2018-10998

An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.

6.5CVSS6.2AI score0.01214EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.99 views

CVE-2018-12407

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox

9.8CVSS7.3AI score0.05316EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.99 views

CVE-2018-2777

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

4.9CVSS5AI score0.0009EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.99 views

CVE-2018-2825

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require ...

8.3CVSS8AI score0.01133EPSS
CVE
CVE
added 2020/04/24 12:15 a.m.99 views

CVE-2019-15792

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file->private_data, a void* that points to a f...

7.8CVSS7.9AI score0.00265EPSS
CVE
CVE
added 2018/10/18 1:29 p.m.98 views

CVE-2018-12358

Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability affects Firefox

4.3CVSS5.1AI score0.00399EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.98 views

CVE-2018-12398

By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox

6.5CVSS7AI score0.00431EPSS
CVE
CVE
added 2019/02/28 6:29 p.m.98 views

CVE-2018-12402

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources ...

6.5CVSS7.1AI score0.0012EPSS
Total number of security vulnerabilities1817