Vulnerabilities (CVE)

Vendor filter

Ubuntu Subscribe

Filter

91 total CVE
CVE Vendors Products Updated CVSS
CVE-2004-0957 7 Ubuntu, Redhat, Mysql and 4 more 8 Enterprise Linux Desktop, Enterprise Linux, Openpkg and 5 more 2019-10-07 6.8
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct...
CVE-2004-0956 4 Mysql, Suse, Ubuntu and 1 more 4 Mysql, Suse Linux, Ubuntu Linux and 1 more 2019-10-07 5.0
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
CVE-2018-7584 4 Php, Ubuntu, Canonical and 1 more 4 Php, Ubuntu, Ubuntu Linux and 1 more 2019-08-19 7.5
In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c....
CVE-2015-5479 4 Libav, Novell, Ubuntu and 1 more 4 Ubuntu, Leap, Libav and 1 more 2018-10-30 4.3
The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.
CVE-2015-2150 3 Xen, Linux, Ubuntu 3 Ubuntu, Linux Kernel, Xen 2018-10-30 4.9
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1)...
CVE-2004-1065 4 Openpkg, Trustix, Php and 1 more 4 Openpkg, Php, Ubuntu Linux and 1 more 2018-10-30 10.0
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
CVE-2004-1019 4 Openpkg, Trustix, Php and 1 more 4 Openpkg, Php, Ubuntu Linux and 1 more 2018-10-30 10.0
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure,...
CVE-2004-0882 4 Ubuntu, Conectiva, Samba and 1 more 7 Linux Advanced Workstation, Enterprise Linux Desktop, Enterprise Linux and 4 more 2018-10-30 10.0
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
CVE-2005-3626 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3625 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode...
CVE-2005-3624 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to...
CVE-2005-0077 4 Redhat, Gentoo, Debian and 1 more 5 Debian Linux, Enterprise Linux Desktop, Enterprise Linux and 2 more 2018-10-19 2.1
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
CVE-2006-6235 6 Ubuntu, Slackware, Gpg4win and 3 more 9 Linux Advanced Workstation, Gpg4win, Enterprise Linux Desktop and 6 more 2018-10-17 10.0
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from...
CVE-2006-3747 2 Apache, Ubuntu 2 Ubuntu Linux, Http Server 2018-10-17 7.6
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service...
CVE-2007-1352 8 Turbolinux, Ubuntu, X.org and 5 more 12 Mandrake Multi Network Firewall, Linux Advanced Workstation, Enterprise Linux Desktop and 9 more 2018-10-16 3.8
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
CVE-2007-1351 7 Ubuntu, X.org, Rpath and 4 more 9 Mandrake Multi Network Firewall, Linux Advanced Workstation, Enterprise Linux Desktop and 6 more 2018-10-16 8.5
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
CVE-2005-0109 5 Redhat, Ubuntu, Sco and 2 more 8 Openserver, Unixware, Solaris and 5 more 2018-10-16 4.7
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and...
CVE-2007-5365 5 Redhat, Debian, Openbsd and 2 more 7 Linux Advanced Workstation, Solaris, Debian Linux and 4 more 2018-10-15 7.2
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service...
CVE-2008-4306 1 Ubuntu 1 Linux 2018-10-11 9.3
Buffer overflow in enscript before 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence.
CVE-2009-3232 2 Debian, Ubuntu 2 Debian Linux, Ubuntu Linux 2018-10-03 9.3
pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows...