Lucene search

K
CanonicalUbuntu Linux

12 matches found

CVE
CVE
added 2015/09/28 8:59 p.m.127 views

CVE-2015-1781

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buff...

6.8CVSS8.9AI score0.05081EPSS
CVE
CVE
added 2015/09/14 8:59 p.m.79 views

CVE-2014-9745

The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.

5CVSS6.2AI score0.02685EPSS
CVE
CVE
added 2015/09/02 2:59 p.m.73 views

CVE-2015-3308

Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.

7.5CVSS7.3AI score0.01394EPSS
CVE
CVE
added 2015/09/06 2:59 a.m.72 views

CVE-2015-6826

The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 Real...

7.5CVSS8.8AI score0.00887EPSS
CVE
CVE
added 2015/09/08 3:59 p.m.70 views

CVE-2015-5198

libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable.

7.2CVSS6.3AI score0.00046EPSS
CVE
CVE
added 2015/09/06 2:59 a.m.69 views

CVE-2015-6818

The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a craft...

7.5CVSS8.7AI score0.00887EPSS
CVE
CVE
added 2015/09/06 2:59 a.m.67 views

CVE-2015-6824

The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted video data.

7.5CVSS8.8AI score0.00887EPSS
CVE
CVE
added 2015/09/08 3:59 p.m.64 views

CVE-2015-5200

The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors.

6.3CVSS6.1AI score0.00044EPSS
CVE
CVE
added 2015/09/06 2:59 a.m.62 views

CVE-2015-6820

The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unsp...

7.5CVSS8.8AI score0.00887EPSS
CVE
CVE
added 2015/09/08 3:59 p.m.58 views

CVE-2015-5199

Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable.

7.2CVSS6.2AI score0.00022EPSS
CVE
CVE
added 2015/09/01 2:59 p.m.56 views

CVE-2015-6727

The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

5CVSS6.6AI score0.006EPSS
CVE
CVE
added 2015/09/17 4:59 p.m.45 views

CVE-2015-1319

The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen is locked as demonstrated by inserting a USB ...

2.1CVSS6.4AI score0.00061EPSS