Lucene search

K
CanonicalUbuntu Linux18.04

1817 matches found

CVE
CVE
added 2018/12/20 9:29 p.m.67 views

CVE-2018-20125

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.

7.5CVSS7AI score0.01684EPSS
CVE
CVE
added 2018/02/02 9:29 a.m.67 views

CVE-2018-6540

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.5AI score0.00416EPSS
CVE
CVE
added 2024/06/04 10:15 p.m.67 views

CVE-2022-28658

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing

5.5CVSS6.6AI score0.00055EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.66 views

CVE-2017-17934

ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.

6.5CVSS6.3AI score0.00508EPSS
CVE
CVE
added 2019/09/11 7:15 p.m.66 views

CVE-2019-16237

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.

7.5CVSS7.3AI score0.00413EPSS
CVE
CVE
added 2020/12/09 4:15 a.m.66 views

CVE-2020-27349

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.

5.5CVSS5.3AI score0.00041EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.65 views

CVE-2017-17884

In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.

6.5CVSS6.5AI score0.0045EPSS
CVE
CVE
added 2018/05/25 2:29 p.m.65 views

CVE-2018-11469

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.

5.9CVSS5.8AI score0.0003EPSS
CVE
CVE
added 2019/02/06 11:29 p.m.65 views

CVE-2018-20760

In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.

7.8CVSS7.6AI score0.00217EPSS
CVE
CVE
added 2018/02/02 9:29 a.m.65 views

CVE-2018-6541

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.4AI score0.00442EPSS
CVE
CVE
added 2020/06/10 5:15 p.m.65 views

CVE-2020-10755

An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleIO ...

6.5CVSS6.2AI score0.00295EPSS
CVE
CVE
added 2017/10/05 7:29 a.m.64 views

CVE-2017-15033

ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.

7.5CVSS8.2AI score0.00257EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.64 views

CVE-2017-17885

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.

6.5CVSS6.5AI score0.0045EPSS
CVE
CVE
added 2018/01/12 8:29 p.m.64 views

CVE-2017-18028

In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.

7.1CVSS6.6AI score0.00625EPSS
CVE
CVE
added 2018/03/01 9:29 p.m.64 views

CVE-2017-18209

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

8.8CVSS7AI score0.00389EPSS
CVE
CVE
added 2018/12/20 9:29 p.m.64 views

CVE-2018-20216

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).

7.5CVSS7.2AI score0.02783EPSS
CVE
CVE
added 2019/09/17 12:15 p.m.64 views

CVE-2019-16378

OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.

9.8CVSS9.2AI score0.00605EPSS
CVE
CVE
added 2017/09/12 8:29 a.m.63 views

CVE-2017-14326

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.

6.5CVSS6.5AI score0.00377EPSS
CVE
CVE
added 2017/12/13 10:29 p.m.63 views

CVE-2017-17669

There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.

5.5CVSS6.1AI score0.00167EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.63 views

CVE-2017-17882

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.

6.5CVSS6.5AI score0.0045EPSS
CVE
CVE
added 2019/04/01 9:30 p.m.63 views

CVE-2018-3979

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger t...

7.4CVSS6.4AI score0.00437EPSS
CVE
CVE
added 2017/09/12 8:29 a.m.62 views

CVE-2017-14325

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.

7.1CVSS6.5AI score0.00421EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.62 views

CVE-2018-5810

An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

8.8CVSS7.2AI score0.00567EPSS
CVE
CVE
added 2020/06/17 4:15 p.m.62 views

CVE-2020-14396

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.

7.5CVSS7.3AI score0.01243EPSS
CVE
CVE
added 2017/09/21 5:29 a.m.61 views

CVE-2017-14626

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.

9.8CVSS7.5AI score0.01117EPSS
CVE
CVE
added 2018/01/05 7:29 p.m.61 views

CVE-2017-18022

In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.

6.5CVSS7.1AI score0.0029EPSS
CVE
CVE
added 2019/02/06 11:29 p.m.61 views

CVE-2018-20762

GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.

7.8CVSS7.7AI score0.00274EPSS
CVE
CVE
added 2018/01/29 5:29 p.m.61 views

CVE-2018-6381

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of fi...

6.5CVSS5.7AI score0.00317EPSS
CVE
CVE
added 2018/02/09 6:29 a.m.61 views

CVE-2018-6869

In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.5AI score0.01067EPSS
CVE
CVE
added 2019/07/04 3:15 p.m.61 views

CVE-2019-13241

FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.

7.8CVSS7.4AI score0.00922EPSS
CVE
CVE
added 2018/02/02 2:29 p.m.60 views

CVE-2017-14177

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an...

7.8CVSS7.6AI score0.00109EPSS
CVE
CVE
added 2017/09/12 5:29 p.m.60 views

CVE-2017-14343

ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.

6.5CVSS6.2AI score0.00406EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.60 views

CVE-2017-15218

ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.

6.5CVSS7AI score0.00467EPSS
CVE
CVE
added 2018/06/29 2:29 p.m.60 views

CVE-2018-13005

An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.

9.8CVSS9.3AI score0.00593EPSS
CVE
CVE
added 2019/02/06 11:29 p.m.60 views

CVE-2018-20763

In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.

7.8CVSS7.6AI score0.00217EPSS
CVE
CVE
added 2018/02/01 5:29 a.m.60 views

CVE-2018-6484

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

6.5CVSS5.5AI score0.00416EPSS
CVE
CVE
added 2018/01/12 8:29 p.m.59 views

CVE-2017-18027

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

6.5CVSS6.6AI score0.00615EPSS
CVE
CVE
added 2018/01/12 8:29 p.m.59 views

CVE-2017-18029

In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

6.5CVSS6.6AI score0.00897EPSS
CVE
CVE
added 2018/03/07 11:29 p.m.59 views

CVE-2018-7752

GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.

7.8CVSS7.5AI score0.00213EPSS
CVE
CVE
added 2019/09/11 7:15 p.m.59 views

CVE-2019-16236

Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.

7.5CVSS7.3AI score0.00795EPSS
CVE
CVE
added 2017/09/12 5:29 p.m.58 views

CVE-2017-14342

ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.

6.5CVSS6.8AI score0.00266EPSS
CVE
CVE
added 2018/06/29 2:29 p.m.58 views

CVE-2018-13006

An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.

9.8CVSS9.3AI score0.00697EPSS
CVE
CVE
added 2018/12/17 7:29 p.m.58 views

CVE-2018-20185

In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.

5.3CVSS5.2AI score0.00896EPSS
CVE
CVE
added 2018/01/01 8:29 a.m.57 views

CVE-2017-18008

In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.

6.5CVSS7.1AI score0.00469EPSS
CVE
CVE
added 2018/12/07 10:29 p.m.55 views

CVE-2018-5811

An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

6.5CVSS6.2AI score0.00384EPSS
CVE
CVE
added 2019/03/29 5:29 a.m.55 views

CVE-2019-10269

BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.

10CVSS9.4AI score0.00833EPSS
CVE
CVE
added 2020/08/06 11:15 p.m.55 views

CVE-2020-15701

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7....

5.5CVSS5.4AI score0.0013EPSS
CVE
CVE
added 2024/06/04 10:15 p.m.55 views

CVE-2022-28655

is_closing_session() allows users to create arbitrary tcp dbus connections

7.1CVSS6.6AI score0.00053EPSS
CVE
CVE
added 2017/10/05 7:29 a.m.54 views

CVE-2017-15032

ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

9.8CVSS9.1AI score0.00316EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.54 views

CVE-2017-17886

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.

6.5CVSS6.3AI score0.00447EPSS
Total number of security vulnerabilities1817