Lucene search

K
CanonicalUbuntu Linux

39 matches found

CVE
CVE
added 2020/02/03 11:15 p.m.1514 views

CVE-2020-8597

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

9.8CVSS8.4AI score0.67512EPSS
CVE
CVE
added 2020/02/24 10:15 p.m.1381 views

CVE-2020-1935

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse prox...

5.8CVSS7.4AI score0.00265EPSS
CVE
CVE
added 2020/02/04 3:15 p.m.1120 views

CVE-2019-9674

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

7.5CVSS7.1AI score0.01258EPSS
CVE
CVE
added 2020/02/04 8:15 p.m.789 views

CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.

7.5CVSS7.5AI score0.22412EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.556 views

CVE-2020-7062

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that doe...

7.5CVSS8.4AI score0.00907EPSS
CVE
CVE
added 2020/02/06 1:15 a.m.444 views

CVE-2020-8648

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

7.1CVSS7AI score0.0003EPSS
CVE
CVE
added 2020/02/12 3:15 p.m.385 views

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not...

7CVSS7AI score0.00244EPSS
CVE
CVE
added 2020/02/24 3:15 p.m.360 views

CVE-2020-8130

There is an OS command injection vulnerability in Ruby Rake

6.9CVSS6.6AI score0.00042EPSS
CVE
CVE
added 2020/02/21 10:15 p.m.350 views

CVE-2020-9327

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

7.5CVSS7.8AI score0.01401EPSS
CVE
CVE
added 2020/02/11 1:15 p.m.345 views

CVE-2018-14553

gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).

7.5CVSS7.3AI score0.00737EPSS
CVE
CVE
added 2020/02/04 9:15 p.m.345 views

CVE-2019-12528

An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.

7.5CVSS7.6AI score0.10514EPSS
CVE
CVE
added 2020/02/04 8:15 p.m.338 views

CVE-2020-8449

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.

7.5CVSS7.4AI score0.06117EPSS
CVE
CVE
added 2020/02/02 2:15 p.m.337 views

CVE-2019-20446

In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.

6.5CVSS6.3AI score0.01703EPSS
CVE
CVE
added 2020/02/05 6:15 p.m.333 views

CVE-2020-3123

A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users t...

7.5CVSS7.2AI score0.04894EPSS
CVE
CVE
added 2020/02/07 9:15 p.m.306 views

CVE-2020-1700

A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by pil...

6.8CVSS6.1AI score0.00402EPSS
CVE
CVE
added 2020/02/14 5:15 a.m.300 views

CVE-2020-8992

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

5.5CVSS5.5AI score0.00068EPSS
CVE
CVE
added 2020/02/25 5:15 p.m.299 views

CVE-2020-8794

OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce ...

10CVSS9.4AI score0.86794EPSS
CVE
CVE
added 2020/02/04 8:15 p.m.269 views

CVE-2020-8517

An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexp...

7.5CVSS7.4AI score0.00656EPSS
CVE
CVE
added 2020/02/25 4:15 p.m.262 views

CVE-2020-9383

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

7.1CVSS6.7AI score0.00108EPSS
CVE
CVE
added 2020/02/08 5:15 a.m.217 views

CVE-2019-11484

Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

7.8CVSS6.8AI score0.00155EPSS
CVE
CVE
added 2020/02/20 7:15 a.m.207 views

CVE-2020-9308

archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact.

8.8CVSS8.7AI score0.00702EPSS
CVE
CVE
added 2020/02/08 5:15 a.m.198 views

CVE-2019-11485

Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.

3.3CVSS5.2AI score0.00103EPSS
CVE
CVE
added 2020/02/08 5:15 a.m.191 views

CVE-2019-11483

Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user.

7CVSS4.9AI score0.00119EPSS
CVE
CVE
added 2020/02/08 5:15 a.m.186 views

CVE-2019-11481

Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.

7.8CVSS5.5AI score0.00195EPSS
CVE
CVE
added 2020/02/08 5:15 a.m.184 views

CVE-2019-11482

Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.

4.7CVSS5.5AI score0.00097EPSS
CVE
CVE
added 2020/02/24 3:15 p.m.158 views

CVE-2015-9542

add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading the pam_radius library) and crash it. Arbitrary c...

7.5CVSS7.6AI score0.02281EPSS
CVE
CVE
added 2020/02/19 7:15 p.m.151 views

CVE-2020-6062

An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability.

7.5CVSS8.2AI score0.0606EPSS
CVE
CVE
added 2020/02/25 5:15 p.m.143 views

CVE-2020-8793

OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.

4.7CVSS4.7AI score0.00811EPSS
CVE
CVE
added 2020/02/19 7:15 p.m.108 views

CVE-2020-6061

An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability.

9.8CVSS9AI score0.02021EPSS
CVE
CVE
added 2020/02/11 12:15 p.m.107 views

CVE-2020-5529

HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is don...

8.1CVSS8.1AI score0.0164EPSS
CVE
CVE
added 2020/02/20 4:15 a.m.105 views

CVE-2011-2498

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

5.5CVSS5.6AI score0.0006EPSS
CVE
CVE
added 2020/02/26 4:15 p.m.104 views

CVE-2020-9274

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-e...

7.5CVSS7.2AI score0.01103EPSS
CVE
CVE
added 2020/02/19 9:15 p.m.99 views

CVE-2015-7747

Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c.

8.8CVSS8.9AI score0.40009EPSS
CVE
CVE
added 2020/02/20 6:15 p.m.80 views

CVE-2011-4915

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

5.5CVSS5.2AI score0.0008EPSS
CVE
CVE
added 2020/02/06 3:15 p.m.74 views

CVE-2014-2030

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-...

8.8CVSS8.4AI score0.20771EPSS
CVE
CVE
added 2020/02/06 2:15 p.m.74 views

CVE-2016-9928

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets.

7.4CVSS7.2AI score0.01904EPSS
CVE
CVE
added 2020/02/17 6:15 p.m.72 views

CVE-2015-0258

Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension.

8.8CVSS8.8AI score0.11883EPSS
CVE
CVE
added 2020/02/06 3:15 p.m.68 views

CVE-2014-1958

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

8.8CVSS8.3AI score0.20771EPSS
CVE
CVE
added 2020/02/19 6:15 p.m.64 views

CVE-2012-0055

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.

7.8CVSS7.1AI score0.00393EPSS