Lucene search

K
CanonicalUbuntu Linux19.10

433 matches found

CVE
CVE
added 2020/04/21 7:15 p.m.423 views

CVE-2020-11008

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where some credential is leaked (but...

7.5CVSS6.5AI score0.27363EPSS
CVE
CVE
added 2020/05/24 10:15 p.m.416 views

CVE-2020-13434

SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.

5.5CVSS6.8AI score0.00062EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.410 views

CVE-2019-12523

An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e...

9.1CVSS9.1AI score0.00728EPSS
CVE
CVE
added 2019/09/04 9:15 p.m.408 views

CVE-2019-15926

An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.

9.4CVSS8.6AI score0.02919EPSS
CVE
CVE
added 2020/04/09 3:15 a.m.408 views

CVE-2020-11655

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.

7.5CVSS7.9AI score0.08565EPSS
CVE
CVE
added 2020/01/21 6:15 a.m.407 views

CVE-2019-20386

An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.

5.1CVSS5.1AI score0.00082EPSS
CVE
CVE
added 2020/01/21 6:15 p.m.406 views

CVE-2019-14907

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authenti...

6.5CVSS6.5AI score0.05927EPSS
CVE
CVE
added 2020/05/14 4:15 p.m.402 views

CVE-2020-1945

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tr...

6.3CVSS6.8AI score0.00021EPSS
CVE
CVE
added 2019/11/25 12:15 p.m.398 views

CVE-2019-14822

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using...

7.1CVSS6.7AI score0.00096EPSS
CVE
CVE
added 2020/01/28 1:15 a.m.398 views

CVE-2020-0549

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS5.6AI score0.00122EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.397 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

6.5CVSS7.1AI score0.00377EPSS
CVE
CVE
added 2020/06/08 5:15 p.m.392 views

CVE-2020-12049

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket...

5.5CVSS5.4AI score0.00022EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.385 views

CVE-2019-19068

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.

4.9CVSS6.1AI score0.00094EPSS
CVE
CVE
added 2019/12/10 11:15 p.m.384 views

CVE-2019-14861

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permis...

5.3CVSS5.3AI score0.0268EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.384 views

CVE-2019-19063

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

4.9CVSS6.5AI score0.00075EPSS
CVE
CVE
added 2020/01/08 10:15 p.m.383 views

CVE-2019-17023

After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72.

6.5CVSS6.9AI score0.00166EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.383 views

CVE-2019-19060

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.

7.8CVSS7.5AI score0.00527EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.380 views

CVE-2019-19045

A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.

4.9CVSS5.8AI score0.00053EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.378 views

CVE-2019-2975

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple proto...

5.8CVSS4.8AI score0.0028EPSS
CVE
CVE
added 2020/05/21 4:15 p.m.378 views

CVE-2020-13112

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

9.1CVSS6.8AI score0.00766EPSS
CVE
CVE
added 2019/09/25 3:15 p.m.377 views

CVE-2019-13627

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.

6.3CVSS6.3AI score0.00037EPSS
CVE
CVE
added 2020/05/18 6:15 p.m.376 views

CVE-2020-13143

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

6.5CVSS6.5AI score0.01742EPSS
CVE
CVE
added 2020/02/12 3:15 p.m.375 views

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not...

7CVSS7AI score0.00244EPSS
CVE
CVE
added 2019/08/16 12:15 a.m.374 views

CVE-2019-15090

An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.

6.7CVSS7.1AI score0.00094EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.374 views

CVE-2019-18679

An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information red...

7.5CVSS8.5AI score0.68491EPSS
CVE
CVE
added 2020/05/09 9:15 p.m.371 views

CVE-2020-12767

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.

5.5CVSS6.6AI score0.00156EPSS
CVE
CVE
added 2020/03/12 9:15 p.m.369 views

CVE-2020-0556

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access

7.1CVSS6.8AI score0.00172EPSS
CVE
CVE
added 2020/01/21 6:15 p.m.367 views

CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

5.5CVSS5.9AI score0.01691EPSS
CVE
CVE
added 2020/01/02 2:16 p.m.365 views

CVE-2019-20218

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.

7.5CVSS7.6AI score0.00774EPSS
CVE
CVE
added 2020/07/06 7:15 p.m.359 views

CVE-2020-10760

A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba.

6.5CVSS6.6AI score0.03158EPSS
CVE
CVE
added 2020/05/22 6:15 p.m.359 views

CVE-2020-13398

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

8.3CVSS8AI score0.00377EPSS
CVE
CVE
added 2020/01/15 5:15 p.m.358 views

CVE-2020-2579

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to c...

6.5CVSS6.1AI score0.00585EPSS
CVE
CVE
added 2020/02/24 3:15 p.m.357 views

CVE-2020-8130

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |.

6.9CVSS6.6AI score0.0007EPSS
CVE
CVE
added 2020/11/23 5:15 p.m.355 views

CVE-2020-0569

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

5.7CVSS5.8AI score0.00399EPSS
CVE
CVE
added 2020/03/24 10:15 p.m.355 views

CVE-2020-10942

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.

5.4CVSS6.2AI score0.00039EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.353 views

CVE-2019-2949

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos...

6.8CVSS6.4AI score0.00426EPSS
CVE
CVE
added 2019/11/27 9:15 a.m.349 views

CVE-2019-14896

A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects...

10CVSS9.6AI score0.0177EPSS
CVE
CVE
added 2020/04/02 9:15 p.m.349 views

CVE-2020-11494

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2ce...

4.4CVSS5.3AI score0.00096EPSS
CVE
CVE
added 2020/02/21 10:15 p.m.349 views

CVE-2020-9327

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

7.5CVSS7.8AI score0.01229EPSS
CVE
CVE
added 2020/05/14 9:15 p.m.345 views

CVE-2020-0093

In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Androi...

5CVSS6AI score0.00065EPSS
CVE
CVE
added 2020/02/11 1:15 p.m.344 views

CVE-2018-14553

gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).

7.5CVSS7.3AI score0.00646EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.343 views

CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be deli...

6.1CVSS7.4AI score0.04678EPSS
CVE
CVE
added 2019/11/19 10:15 p.m.342 views

CVE-2019-19126

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR...

3.3CVSS4.8AI score0.00016EPSS
CVE
CVE
added 2020/02/04 9:15 p.m.340 views

CVE-2019-12528

An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.

7.5CVSS7.6AI score0.20521EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.340 views

CVE-2019-18676

An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote clie...

7.5CVSS8.4AI score0.01854EPSS
CVE
CVE
added 2019/12/24 12:15 a.m.339 views

CVE-2019-19947

In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.

4.6CVSS5.1AI score0.00112EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.339 views

CVE-2020-2803

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

8.3CVSS8.2AI score0.03208EPSS
CVE
CVE
added 2019/11/18 6:15 a.m.338 views

CVE-2019-19062

A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.

4.7CVSS6.5AI score0.00087EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.337 views

CVE-2020-2830

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

5.3CVSS5AI score0.0018EPSS
CVE
CVE
added 2020/04/15 7:15 p.m.336 views

CVE-2019-12521

An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements...

5.9CVSS7.5AI score0.00565EPSS
Total number of security vulnerabilities433