Lucene search

K
CanonicalUbuntu Linux19.10

433 matches found

CVE
CVE
added 2019/10/28 3:15 p.m.4103 views

CVE-2019-11043

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

9.8CVSS9.6AI score0.94114EPSS
CVE
CVE
added 2020/01/30 7:15 p.m.2268 views

CVE-2020-8492

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

7.1CVSS7AI score0.03912EPSS
CVE
CVE
added 2020/05/11 2:15 p.m.1631 views

CVE-2020-12783

Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.

7.5CVSS7.5AI score0.02632EPSS
CVE
CVE
added 2020/01/29 4:15 p.m.1136 views

CVE-2020-7247

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. ...

10CVSS9.5AI score0.94036EPSS
CVE
CVE
added 2020/04/01 4:15 a.m.960 views

CVE-2020-7065

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.

8.8CVSS8.2AI score0.0878EPSS
CVE
CVE
added 2020/04/23 3:15 p.m.954 views

CVE-2020-11945

An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if...

9.8CVSS9.7AI score0.32932EPSS
CVE
CVE
added 2020/06/15 2:15 p.m.937 views

CVE-2020-0543

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS6.3AI score0.00533EPSS
CVE
CVE
added 2020/05/19 2:15 p.m.833 views

CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

7.5CVSS7.2AI score0.9247EPSS
CVE
CVE
added 2019/11/20 6:15 p.m.824 views

CVE-2019-3466

The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

7.8CVSS7.4AI score0.00131EPSS
CVE
CVE
added 2020/04/01 4:15 a.m.799 views

CVE-2020-7064

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.

6.5CVSS6.8AI score0.03132EPSS
CVE
CVE
added 2020/02/04 8:15 p.m.784 views

CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.

7.5CVSS7.5AI score0.39735EPSS
CVE
CVE
added 2020/03/12 7:15 p.m.761 views

CVE-2020-10531

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

8.8CVSS8.7AI score0.0064EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.691 views

CVE-2020-2574

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

5.9CVSS5.6AI score0.00188EPSS
CVE
CVE
added 2019/12/23 3:15 a.m.666 views

CVE-2019-11047

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure...

6.5CVSS7AI score0.03174EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.665 views

CVE-2019-12526

An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data ov...

9.8CVSS9.2AI score0.39194EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.657 views

CVE-2019-2938

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Su...

4.4CVSS4.5AI score0.00092EPSS
CVE
CVE
added 2019/09/24 6:15 a.m.642 views

CVE-2019-16746

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

9.8CVSS9.1AI score0.02658EPSS
CVE
CVE
added 2019/12/23 3:15 a.m.616 views

CVE-2019-11045

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

5.9CVSS7AI score0.49924EPSS
CVE
CVE
added 2020/05/22 3:15 p.m.616 views

CVE-2020-10711

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processin...

5.9CVSS6.5AI score0.00671EPSS
CVE
CVE
added 2019/06/19 12:15 a.m.615 views

CVE-2019-11038

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized var...

5.3CVSS5.5AI score0.08292EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.588 views

CVE-2019-13734

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.06699EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.578 views

CVE-2019-2974

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to c...

6.5CVSS6.3AI score0.00298EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.578 views

CVE-2020-2760

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Succ...

5.5CVSS5.6AI score0.00095EPSS
CVE
CVE
added 2019/10/21 5:15 a.m.576 views

CVE-2019-18218

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

7.8CVSS8AI score0.00216EPSS
CVE
CVE
added 2020/01/21 11:15 p.m.576 views

CVE-2020-7595

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

7.5CVSS7.6AI score0.00482EPSS
CVE
CVE
added 2019/10/17 2:15 a.m.572 views

CVE-2019-17666

rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

8.8CVSS8.9AI score0.00272EPSS
CVE
CVE
added 2020/04/15 8:15 p.m.560 views

CVE-2019-12519

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the s...

9.8CVSS9.2AI score0.07726EPSS
CVE
CVE
added 2019/09/09 5:15 p.m.556 views

CVE-2019-16168

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."

6.5CVSS7AI score0.00944EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.551 views

CVE-2020-7062

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that doe...

7.5CVSS8.4AI score0.01155EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.540 views

CVE-2020-2812

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoc...

4.9CVSS5.2AI score0.00113EPSS
CVE
CVE
added 2019/12/10 11:15 p.m.527 views

CVE-2019-14889

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influenc...

9.3CVSS8AI score0.01185EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.527 views

CVE-2020-2922

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

4.3CVSS3.4AI score0.00248EPSS
CVE
CVE
added 2020/05/09 6:15 p.m.518 views

CVE-2020-12762

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

7.8CVSS8AI score0.0017EPSS
CVE
CVE
added 2020/01/17 6:15 p.m.508 views

CVE-2019-14615

Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.

5.5CVSS6.1AI score0.04704EPSS
CVE
CVE
added 2019/12/06 6:15 p.m.503 views

CVE-2019-1551

There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are ...

5.3CVSS6AI score0.04896EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.496 views

CVE-2019-2602

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via mult...

7.5CVSS6.8AI score0.00123EPSS
CVE
CVE
added 2019/11/29 3:15 p.m.487 views

CVE-2019-14901

A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is...

10CVSS9.7AI score0.03033EPSS
CVE
CVE
added 2019/12/23 3:15 a.m.483 views

CVE-2019-11046

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII num...

5.3CVSS6.4AI score0.1044EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.481 views

CVE-2020-12770

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.

6.7CVSS6.7AI score0.0005EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.481 views

CVE-2020-2780

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to comprom...

6.5CVSS6.3AI score0.00166EPSS
CVE
CVE
added 2020/01/08 8:15 p.m.475 views

CVE-2019-11745

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR <...

8.8CVSS8.7AI score0.00631EPSS
CVE
CVE
added 2020/04/22 8:15 p.m.474 views

CVE-2020-1983

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.

7.5CVSS7AI score0.00141EPSS
CVE
CVE
added 2019/10/18 9:15 p.m.472 views

CVE-2019-18197

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be discl...

7.5CVSS7.6AI score0.01875EPSS
CVE
CVE
added 2019/06/27 5:15 p.m.462 views

CVE-2019-5827

Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.03364EPSS
CVE
CVE
added 2019/12/10 11:15 p.m.450 views

CVE-2019-14870

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authen...

6.4CVSS5.7AI score0.02946EPSS
CVE
CVE
added 2020/04/28 7:15 p.m.438 views

CVE-2020-12243

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

7.5CVSS7.4AI score0.05011EPSS
CVE
CVE
added 2019/11/05 10:15 p.m.432 views

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.

5.1CVSS4.4AI score0.00077EPSS
CVE
CVE
added 2020/04/14 11:15 p.m.431 views

CVE-2020-5260

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Sp...

9.3CVSS7.2AI score0.27363EPSS
CVE
CVE
added 2019/12/24 4:15 p.m.430 views

CVE-2019-19956

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.

7.5CVSS7.5AI score0.00212EPSS
CVE
CVE
added 2020/03/04 3:15 p.m.423 views

CVE-2020-10029

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee7...

5.5CVSS6.4AI score0.00044EPSS
Total number of security vulnerabilities433