Vulnerabilities (CVE)

Vendor filter

Canonical Subscribe

Filter

416 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-17266 2 Gnome, Canonical 2 Libsoup, Ubuntu Linux 2019-10-10 7.5
libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.
CVE-2019-7304 1 Canonical 2 Ubuntu Linux, Snapd 2019-10-09 10.0
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.
CVE-2018-8785 2 Freerdp, Canonical 2 Freerdp, Ubuntu Linux 2019-10-09 7.5
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
CVE-2018-8784 2 Freerdp, Canonical 2 Freerdp, Ubuntu Linux 2019-10-09 7.5
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
CVE-2018-5379 4 Quagga, Debian, Canonical and 1 more 8 Quagga, Debian Linux, Ubuntu Linux and 5 more 2019-10-09 7.5
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially...
CVE-2018-1084 4 Corosync, Debian, Redhat and 1 more 4 Corosync, Debian Linux, Enterprise Linux Server and 1 more 2019-10-09 7.5
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
CVE-2018-16850 3 Postgresql, Canonical, Redhat 3 Postgresql, Ubuntu Linux, Enterprise Linux 2019-10-09 7.5
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with...
CVE-2018-16840 2 Canonical, Haxx 2 Ubuntu Linux, Curl 2019-10-09 7.5
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct...
CVE-2018-16839 3 Haxx, Canonical, Debian 3 Curl, Ubuntu Linux, Debian Linux 2019-10-09 7.5
Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.
CVE-2018-15688 4 Freedesktop, Canonical, Debian and 1 more 9 Systemd, Ubuntu Linux, Debian Linux and 6 more 2019-10-09 7.5
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
CVE-2017-15118 3 Qemu, Canonical, Redhat 3 Qemu, Ubuntu Linux, Enterprise Linux 2019-10-09 7.5
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds...
CVE-2017-0903 4 Rubygems, Canonical, Debian and 1 more 9 Rubygems, Ubuntu Linux, Debian Linux and 6 more 2019-10-09 7.5
RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to...
CVE-2016-1585 1 Canonical 1 Apparmor 2019-10-09 7.5
In all versions of AppArmor mount rules are accidentally widened when compiled.
CVE-2016-1579 1 Canonical 1 Ubuntu Download Manager 2019-10-09 7.5
UDM provides support for running commands after a download is completed, this is currently made use of for click package installation. This functionality was not restricted to unconfined applications. Before UDM version...
CVE-2015-2301 7 Apple, Php, Canonical and 4 more 12 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 9 more 2019-10-09 7.5
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger...
CVE-2007-0777 2 Mozilla, Canonical 4 Firefox, Seamonkey, Thunderbird and 1 more 2019-10-09 9.3
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain...
CVE-2017-9117 2 Libtiff, Canonical 2 Libtiff, Ubuntu Linux 2019-10-03 7.5
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.
CVE-2017-9232 1 Canonical 1 Juju 2019-10-03 10.0
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
CVE-2017-9058 2 Ytnef Project, Canonical 2 Ytnef, Ubuntu Linux 2019-10-03 7.5
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
CVE-2017-15032 2 Imagemagick, Canonical 2 Imagemagick, Ubuntu Linux 2019-10-03 7.5
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.