Vulnerabilities (CVE)

Vendor filter: Canonical

2168 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-1125 3 Canonical, Debian, Procps-ng Project 3 Ubuntu Linux, Debian Linux, Procps-ng 2019-10-09 5.0
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise...
CVE-2018-1123 3 Canonical, Debian, Procps-ng Project 3 Ubuntu Linux, Debian Linux, Procps-ng 2019-10-09 5.0
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash...
CVE-2018-1120 4 Redhat, Debian, Linux and 1 more 9 Enterprise Mrg, Debian Linux, Linux Kernel and 6 more 2019-10-09 3.5
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as...
CVE-2018-1118 4 Linux, Redhat, Canonical and 1 more 7 Linux Kernel, Virtualization Host, Ubuntu Linux and 4 more 2019-10-09 2.1
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some...
CVE-2018-1116 3 Polkit Project, Canonical, Debian 3 Polkit, Ubuntu Linux, Debian Linux 2019-10-09 3.6
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows testing for authentication and triggering authentication of unrelated processes owned by...
CVE-2018-1106 4 Packagekit Project, Canonical, Debian and 1 more 9 Packagekit, Ubuntu Linux, Debian Linux and 6 more 2019-10-09 2.1
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further...
CVE-2018-1100 3 Zsh, Canonical, Redhat 5 Zsh, Ubuntu Linux, Enterprise Linux Desktop and 2 more 2019-10-09 7.2
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
CVE-2018-1087 4 Canonical, Debian, Linux and 1 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2019-10-09 4.6
kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov...
CVE-2018-1084 4 Corosync, Debian, Redhat and 1 more 4 Corosync, Debian Linux, Enterprise Linux Server and 1 more 2019-10-09 7.5
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
CVE-2018-1083 4 Zsh, Canonical, Debian and 1 more 7 Zsh, Ubuntu Linux, Debian Linux and 4 more 2019-10-09 7.2
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries...
CVE-2018-1071 4 Zsh, Canonical, Debian and 1 more 6 Zsh, Ubuntu Linux, Debian Linux and 3 more 2019-10-09 2.1
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.
CVE-2018-1058 3 Postgresql, Redhat, Canonical 3 Postgresql, Cloudforms, Ubuntu Linux 2019-10-09 6.5
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through...
CVE-2018-1056 3 Canonical, Debian, Advancemame 3 Ubuntu Linux, Debian Linux, Advancecomp 2019-10-09 6.8
An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files.
CVE-2018-1053 4 Postgresql, Debian, Redhat and 1 more 4 Postgresql, Debian Linux, Cloudforms and 1 more 2019-10-09 3.3
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates a file in the current working directory containing the output of `pg_dumpall -g` under umask which was in effect...
CVE-2018-1049 4 Freedesktop, Redhat, Canonical and 1 more 11 Systemd, Enterprise Linux, Enterprise Linux Desktop and 8 more 2019-10-09 4.3
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount...
CVE-2018-16882 2 Linux, Canonical 2 Linux Kernel, Ubuntu Linux 2019-10-09 7.2
A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it...
CVE-2018-16867 3 Qemu, Canonical, Fedoraproject 3 Qemu, Ubuntu Linux, Fedora 2019-10-09 4.6
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal exists in the usb_mtp_write_data function in hw/usb/dev-mtp.c due to improper filename sanitization. When the guest device is mounted in read-write mode,...
CVE-2018-16851 3 Samba, Canonical, Debian 3 Samba, Ubuntu Linux, Debian Linux 2019-10-09 4.0
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory...
CVE-2018-16850 3 Postgresql, Canonical, Redhat 3 Postgresql, Ubuntu Linux, Enterprise Linux 2019-10-09 7.5
postgresql before versions 11.1, 10.6 is vulnerable to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with...
CVE-2018-16847 2 Qemu, Canonical 2 Qemu, Ubuntu Linux 2019-10-09 4.6
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or...