Lucene search

K
CanonicalUbuntu Linux18.04

1817 matches found

CVE
CVE
added 2020/06/25 10:15 p.m.89 views

CVE-2020-5967

NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service.

4.7CVSS5.4AI score0.00042EPSS
CVE
CVE
added 2017/09/20 5:29 p.m.88 views

CVE-2017-14607

In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

8.1CVSS7AI score0.01676EPSS
CVE
CVE
added 2017/11/05 10:29 p.m.88 views

CVE-2017-16546

The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malfor...

8.8CVSS9.2AI score0.00594EPSS
CVE
CVE
added 2018/10/26 2:29 p.m.88 views

CVE-2018-15687

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

7.8CVSS7.6AI score0.00352EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.88 views

CVE-2018-2812

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

5.5CVSS5.3AI score0.00401EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.88 views

CVE-2018-5164

Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox

6.1CVSS5.8AI score0.00726EPSS
CVE
CVE
added 2017/08/30 9:29 a.m.87 views

CVE-2017-13769

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

6.5CVSS6.6AI score0.00531EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.87 views

CVE-2017-17879

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.

8.8CVSS7.1AI score0.01108EPSS
CVE
CVE
added 2017/08/23 6:29 a.m.86 views

CVE-2017-13145

In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.

6.5CVSS7.5AI score0.01329EPSS
CVE
CVE
added 2017/09/07 6:29 a.m.86 views

CVE-2017-14175

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over ...

7.1CVSS6.9AI score0.00579EPSS
CVE
CVE
added 2018/08/25 9:29 p.m.86 views

CVE-2018-15862

Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers.

5.5CVSS5.9AI score0.00059EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.86 views

CVE-2018-5160

WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox

7.5CVSS6.4AI score0.03059EPSS
CVE
CVE
added 2018/03/06 5:29 p.m.86 views

CVE-2018-7726

An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.4AI score0.00348EPSS
CVE
CVE
added 2019/03/25 12:29 a.m.86 views

CVE-2019-10018

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.

5.5CVSS5.8AI score0.00486EPSS
CVE
CVE
added 2020/06/25 12:15 a.m.86 views

CVE-2020-5963

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.

7.8CVSS7.3AI score0.00058EPSS
CVE
CVE
added 2022/09/02 4:15 a.m.86 views

CVE-2022-39177

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.

8.8CVSS8.1AI score0.00038EPSS
CVE
CVE
added 2017/09/07 6:29 a.m.85 views

CVE-2017-14172

In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" ...

7.1CVSS6.8AI score0.00579EPSS
CVE
CVE
added 2017/12/11 2:29 a.m.85 views

CVE-2017-17504

ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.

6.5CVSS7AI score0.00979EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.85 views

CVE-2018-2816

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

4.9CVSS5AI score0.0038EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.85 views

CVE-2018-5163

If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the exe...

8.1CVSS6.3AI score0.02215EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.85 views

CVE-2018-5166

WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox

7.5CVSS6.2AI score0.00969EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.85 views

CVE-2018-5172

The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the...

4.3CVSS5.6AI score0.00849EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.85 views

CVE-2018-5176

The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This ...

6.1CVSS6.3AI score0.0045EPSS
CVE
CVE
added 2017/07/24 1:29 a.m.84 views

CVE-2017-11591

There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.

7.5CVSS7.2AI score0.00491EPSS
CVE
CVE
added 2018/04/29 3:29 a.m.84 views

CVE-2018-10529

An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.

8.8CVSS8.3AI score0.00452EPSS
CVE
CVE
added 2018/11/02 10:29 p.m.84 views

CVE-2018-16847

An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU pr...

7.8CVSS8.4AI score0.00109EPSS
CVE
CVE
added 2018/09/19 4:29 p.m.84 views

CVE-2018-17204

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and ...

4.3CVSS4.8AI score0.01171EPSS
CVE
CVE
added 2018/02/23 10:29 p.m.84 views

CVE-2018-7443

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c).

6.5CVSS6.2AI score0.01218EPSS
CVE
CVE
added 2019/08/23 6:15 a.m.84 views

CVE-2019-15504

drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).

10CVSS8.8AI score0.03484EPSS
CVE
CVE
added 2017/12/14 6:29 a.m.83 views

CVE-2017-17682

In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.

7.1CVSS6.6AI score0.01465EPSS
CVE
CVE
added 2018/10/26 2:29 p.m.83 views

CVE-2018-18661

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.

6.5CVSS7.1AI score0.00263EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.83 views

CVE-2018-5153

If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox

7.5CVSS6.1AI score0.01185EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.83 views

CVE-2018-5181

If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with th...

7.5CVSS6.1AI score0.012EPSS
CVE
CVE
added 2020/04/22 10:15 p.m.83 views

CVE-2020-8833

Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls when the Apport cron script clears out crash f...

5.6CVSS5.2AI score0.00042EPSS
CVE
CVE
added 2023/06/28 8:15 p.m.83 views

CVE-2023-3389

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c7...

7.8CVSS6.2AI score0.00021EPSS
CVE
CVE
added 2018/01/02 3:29 p.m.82 views

CVE-2017-1000445

ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service

6.5CVSS6.9AI score0.01758EPSS
CVE
CVE
added 2017/09/07 6:29 a.m.82 views

CVE-2017-14173

In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims ...

6.5CVSS7.1AI score0.01402EPSS
CVE
CVE
added 2018/06/11 9:29 p.m.82 views

CVE-2018-5169

If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox

6.5CVSS6.2AI score0.00705EPSS
CVE
CVE
added 2020/09/23 2:15 p.m.81 views

CVE-2020-25739

An issue was discovered in the gon gem before gon-6.4.0 for Ruby. MultiJson does not honor the escape_mode parameter to escape fields as an XSS protection mechanism. To mitigate, json_dumper.rb in gon now does escaping for XSS by default without relying on MultiJson.

6.1CVSS6AI score0.00463EPSS
CVE
CVE
added 2017/08/31 3:29 p.m.80 views

CVE-2017-14060

In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.

6.5CVSS6.7AI score0.00476EPSS
CVE
CVE
added 2017/09/18 1:29 a.m.80 views

CVE-2017-14532

ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.

9.8CVSS7.5AI score0.01511EPSS
CVE
CVE
added 2017/10/05 1:29 a.m.80 views

CVE-2017-15015

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.

8.8CVSS7.1AI score0.00293EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.80 views

CVE-2019-2923

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to comprom...

5.3CVSS4.3AI score0.01329EPSS
CVE
CVE
added 2020/05/07 12:15 a.m.80 views

CVE-2020-12689

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially...

8.8CVSS8.3AI score0.00521EPSS
CVE
CVE
added 2017/09/18 1:29 a.m.79 views

CVE-2017-14531

ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.

7.1CVSS7AI score0.00707EPSS
CVE
CVE
added 2017/10/05 1:29 a.m.79 views

CVE-2017-15017

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.

8.8CVSS7AI score0.00335EPSS
CVE
CVE
added 2018/06/19 9:29 p.m.79 views

CVE-2018-12293

The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which coul...

8.8CVSS8.5AI score0.40114EPSS
CVE
CVE
added 2018/12/20 11:29 p.m.79 views

CVE-2018-20191

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).

7.5CVSS6.9AI score0.01625EPSS
CVE
CVE
added 2018/01/05 7:29 p.m.79 views

CVE-2018-5248

In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

8.8CVSS7.1AI score0.01676EPSS
CVE
CVE
added 2020/05/07 12:15 a.m.79 views

CVE-2020-12691

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. T...

8.8CVSS8.3AI score0.03012EPSS
Total number of security vulnerabilities1817