Filtered by vendor Canonical
Subscribe
Search
Total
3488 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2375 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2017-03-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure. | |||||
| CVE-2016-2371 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2017-03-30 | 6.8 MEDIUM | 8.1 HIGH |
| An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution. | |||||
| CVE-2016-2370 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2017-03-30 | 4.3 MEDIUM | 5.9 MEDIUM |
| A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malicious server or man-in-the-middle attacker can send invalid data to trigger this vulnerability. | |||||
| CVE-2016-4323 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2017-03-30 | 5.8 MEDIUM | 3.7 LOW |
| A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability. | |||||
| CVE-2016-2373 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2017-03-30 | 4.3 MEDIUM | 5.9 MEDIUM |
| A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or user can send an invalid mood to trigger this vulnerability. | |||||
| CVE-2016-2372 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2017-03-30 | 4.9 MEDIUM | 5.9 MEDIUM |
| An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle attacker can send an invalid size for a file transfer which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the file is sent to another user. | |||||
| CVE-2016-3981 | 3 Canonical, Debian, Optipng Project | 3 Ubuntu Linux, Debian Linux, Optipng | 2017-02-19 | 9.3 HIGH | 7.8 HIGH |
| Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file. | |||||
| CVE-2016-9963 | 3 Canonical, Debian, Exim | 3 Ubuntu Linux, Debian Linux, Exim | 2017-02-15 | 2.6 LOW | 5.9 MEDIUM |
| Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. | |||||
| CVE-2016-9119 | 3 Canonical, Debian, Moinmo | 3 Ubuntu Linux, Debian Linux, Moinmoin | 2017-02-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-5029 | 2 Apple, Canonical | 2 Cups, Ubuntu Linux | 2017-01-07 | 1.5 LOW | N/A |
| The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537. | |||||
| CVE-2016-9950 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2017-01-07 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system. | |||||
| CVE-2014-3537 | 3 Apple, Canonical, Fedoraproject | 3 Cups, Ubuntu Linux, Fedora | 2017-01-07 | 1.2 LOW | N/A |
| The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/. | |||||
| CVE-2014-4615 | 3 Canonical, Openstack, Redhat | 6 Ubuntu Linux, Neutron, Oslo and 3 more | 2017-01-07 | 5.0 MEDIUM | N/A |
| The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request). | |||||
| CVE-2014-5030 | 2 Apple, Canonical | 2 Cups, Ubuntu Linux | 2017-01-07 | 1.9 LOW | N/A |
| CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. | |||||
| CVE-2014-5031 | 2 Apple, Canonical | 2 Cups, Ubuntu Linux | 2017-01-07 | 5.0 MEDIUM | N/A |
| The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors. | |||||
| CVE-2014-5356 | 2 Canonical, Openstack | 2 Ubuntu Linux, Image Registry And Delivery Service \(glance\) | 2017-01-07 | 4.0 MEDIUM | N/A |
| OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image. | |||||
| CVE-2016-9949 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2017-01-07 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code. | |||||
| CVE-2014-0474 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2017-01-07 | 10.0 HIGH | N/A |
| The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting." | |||||
| CVE-2014-1419 | 1 Canonical | 2 Acpi-support, Ubuntu Linux | 2017-01-07 | 6.9 MEDIUM | N/A |
| Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2014-0472 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2017-01-07 | 5.1 MEDIUM | N/A |
| The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path." | |||||
| CVE-2014-0473 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2017-01-07 | 5.0 MEDIUM | N/A |
| The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 reuses a cached CSRF token for all anonymous users, which allows remote attackers to bypass CSRF protections by reading the CSRF cookie for anonymous users. | |||||
| CVE-2014-1418 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2017-01-07 | 6.4 MEDIUM | N/A |
| Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers. | |||||
| CVE-2015-3333 | 3 Canonical, Debian, Google | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2017-01-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2015-2668 | 2 Canonical, Clamav | 2 Ubuntu Linux, Clamav | 2017-01-03 | 5.0 MEDIUM | N/A |
| ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file. | |||||
| CVE-2015-1244 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Chrome | 2017-01-03 | 5.0 MEDIUM | N/A |
| The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic. | |||||
| CVE-2015-2222 | 2 Canonical, Clamav | 2 Ubuntu Linux, Clamav | 2017-01-03 | 5.0 MEDIUM | N/A |
| ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file. | |||||
| CVE-2015-1237 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Chrome | 2017-01-03 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation. | |||||
| CVE-2015-1236 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Chrome | 2017-01-03 | 4.3 MEDIUM | N/A |
| The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element. | |||||
| CVE-2015-1243 | 4 Canonical, Debian, Google and 1 more | 7 Ubuntu Linux, Debian Linux, Chrome and 4 more | 2017-01-03 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an attempt to unregister a MutationObserver object that is not currently registered. | |||||
| CVE-2015-1242 | 3 Canonical, Debian, Google | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2017-01-03 | 7.5 HIGH | N/A |
| The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization. | |||||
| CVE-2015-1241 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Chrome | 2017-01-03 | 4.3 MEDIUM | N/A |
| Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack. | |||||
| CVE-2015-2170 | 2 Canonical, Clamav | 2 Ubuntu Linux, Clamav | 2017-01-03 | 5.0 MEDIUM | N/A |
| The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
| CVE-2015-1249 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Chrome | 2017-01-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2015-2221 | 2 Canonical, Clamav | 2 Ubuntu Linux, Clamav | 2017-01-03 | 5.0 MEDIUM | N/A |
| ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file. | |||||
| CVE-2015-1205 | 3 Canonical, Chromium, Google | 3 Ubuntu Linux, Chromium, Chrome | 2017-01-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2015-0840 | 2 Canonical, Debian | 2 Ubuntu Linux, Dpkg | 2017-01-03 | 4.3 MEDIUM | N/A |
| The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc). | |||||
| CVE-2015-1235 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Chrome | 2017-01-03 | 5.0 MEDIUM | N/A |
| The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element. | |||||
| CVE-2015-1240 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Chrome | 2017-01-03 | 5.0 MEDIUM | N/A |
| gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency. | |||||
| CVE-2015-1250 | 4 Canonical, Debian, Google and 1 more | 7 Ubuntu Linux, Debian Linux, Chrome and 4 more | 2017-01-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2015-1238 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Chrome | 2017-01-03 | 7.5 HIGH | N/A |
| Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-6474 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2016-12-31 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2013-6473 | 2 Canonical, Linuxfoundation | 2 Ubuntu Linux, Cups-filters | 2016-12-31 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file. | |||||
| CVE-2013-4474 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2016-12-31 | 5.0 MEDIUM | N/A |
| Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename. | |||||
| CVE-2015-0847 | 2 Canonical, Wouter Verhelst | 2 Ubuntu Linux, Nbd | 2016-12-31 | 7.8 HIGH | N/A |
| nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, which allows remote attackers to cause a denial of service (deadlock) via unspecified vectors. | |||||
| CVE-2013-4256 | 2 Canonical, Radscan | 2 Ubuntu Linux, Network Audio System | 2016-12-31 | 4.6 MEDIUM | N/A |
| Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c. | |||||
| CVE-2015-1803 | 3 Canonical, Debian, X | 3 Ubuntu Linux, Debian Linux, Libxfont | 2016-12-31 | 8.5 HIGH | N/A |
| The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file. | |||||
| CVE-2016-2110 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2016-12-31 | 4.3 MEDIUM | 5.9 MEDIUM |
| The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security. | |||||
| CVE-2014-0004 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Udisks | 2016-12-31 | 6.9 MEDIUM | N/A |
| Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point. | |||||
| CVE-2015-1804 | 3 Canonical, Debian, X | 3 Ubuntu Linux, Debian Linux, Libxfont | 2016-12-31 | 8.5 HIGH | N/A |
| The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file. | |||||
| CVE-2016-2112 | 2 Canonical, Samba | 2 Ubuntu Linux, Samba | 2016-12-31 | 4.3 MEDIUM | 5.9 MEDIUM |
| The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream. | |||||