Filtered by vendor Canonical
Subscribe
Search
Total
3488 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9604 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions. | |||||
| CVE-2014-9093 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2016-12-03 | 7.5 HIGH | N/A |
| LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. | |||||
| CVE-2014-9766 | 2 Canonical, Pixman | 2 Ubuntu Linux, Pixman | 2016-12-03 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via large height and stride values. | |||||
| CVE-2014-8547 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data. | |||||
| CVE-2014-8548 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data. | |||||
| CVE-2014-8541 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MJPEG data. | |||||
| CVE-2014-8543 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data. | |||||
| CVE-2014-8544 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data. | |||||
| CVE-2013-7447 | 2 Canonical, Gtk | 2 Ubuntu Linux, Gtk\\\+ | 2016-12-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation. | |||||
| CVE-2016-3138 | 3 Canonical, Linux, Novell | 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more | 2016-12-01 | 4.9 MEDIUM | 4.6 MEDIUM |
| The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor. | |||||
| CVE-2016-3137 | 3 Canonical, Linux, Novell | 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more | 2016-12-01 | 4.9 MEDIUM | 4.6 MEDIUM |
| drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions. | |||||
| CVE-2016-2185 | 3 Canonical, Linux, Novell | 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more | 2016-12-01 | 4.9 MEDIUM | 4.6 MEDIUM |
| The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. | |||||
| CVE-2016-2186 | 3 Canonical, Linux, Novell | 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more | 2016-12-01 | 4.9 MEDIUM | 4.6 MEDIUM |
| The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. | |||||
| CVE-2016-4052 | 2 Canonical, Squid-cache | 2 Ubuntu Linux, Squid | 2016-11-30 | 6.8 MEDIUM | 8.1 HIGH |
| Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses. | |||||
| CVE-2016-3941 | 2 Canonical, Videolan | 2 Ubuntu Linux, Vlc Media Player | 2016-11-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF." | |||||
| CVE-2016-6232 | 2 Canonical, Kde | 2 Ubuntu Linux, Karchives | 2016-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. | |||||
| CVE-2016-4580 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2016-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request. | |||||
| CVE-2016-4482 | 4 Canonical, Fedoraproject, Linux and 1 more | 11 Ubuntu Linux, Fedora, Linux Kernel and 8 more | 2016-11-28 | 2.1 LOW | 6.2 MEDIUM |
| The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. | |||||
| CVE-2016-4485 | 3 Canonical, Linux, Novell | 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 2 more | 2016-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message. | |||||
| CVE-2016-3955 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2016-11-28 | 10.0 HIGH | 9.8 CRITICAL |
| The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet. | |||||
| CVE-2016-3947 | 2 Canonical, Squid-cache | 2 Ubuntu Linux, Squid | 2016-11-28 | 7.5 HIGH | 8.2 HIGH |
| Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet. | |||||
| CVE-2016-3961 | 2 Canonical, Xen | 2 Ubuntu Linux, Xen | 2016-11-28 | 2.1 LOW | 5.5 MEDIUM |
| Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area. | |||||
| CVE-2016-2856 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Glibc | 2016-11-28 | 7.2 HIGH | 8.4 HIGH |
| pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option. | |||||
| CVE-2016-2187 | 3 Canonical, Linux, Novell | 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 2 more | 2016-11-28 | 4.9 MEDIUM | 4.6 MEDIUM |
| The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. | |||||
| CVE-2015-8899 | 2 Canonical, Thekelleys | 2 Ubuntu Linux, Dnsmasq | 2016-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or (2) AAAA record defined locally. | |||||
| CVE-2015-4004 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2016-11-28 | 8.5 HIGH | N/A |
| The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet. | |||||
| CVE-2015-1473 | 2 Canonical, Gnu | 2 Ubuntu Linux, Glibc | 2016-11-28 | 6.4 MEDIUM | N/A |
| The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call. | |||||
| CVE-2014-8602 | 3 Canonical, Debian, Nlnetlabs | 3 Ubuntu Linux, Debian Linux, Unbound | 2016-11-28 | 4.3 MEDIUM | N/A |
| iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals. | |||||
| CVE-2014-7142 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Solaris, Squid | 2016-11-28 | 6.4 MEDIUM | N/A |
| The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size. | |||||
| CVE-2013-7443 | 2 Canonical, Sqlite | 2 Ubuntu Linux, Sqlite | 2016-11-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements. | |||||
| CVE-2013-6410 | 3 Canonical, Debian, Wouter Verhelst | 3 Ubuntu Linux, Debian Linux, Nbd | 2016-11-28 | 7.5 HIGH | N/A |
| nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file. | |||||
| CVE-2013-4248 | 3 Canonical, Php, Redhat | 3 Ubuntu Linux, Php, Enterprise Linux | 2016-11-28 | 4.3 MEDIUM | N/A |
| The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | |||||
| CVE-2013-0189 | 2 Canonical, Squid-cache | 2 Ubuntu Linux, Squid | 2016-11-28 | 5.0 MEDIUM | N/A |
| cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorrect order of arguments or incorrect comparison. | |||||
| CVE-2013-1981 | 2 Canonical, X | 2 Ubuntu Linux, Libx11 | 2016-11-28 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. | |||||
| CVE-2015-2238 | 2 Canonical, Google | 3 Ubuntu Linux, Chrome, V8 | 2016-11-18 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2014-3564 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Gpgme | 2016-10-18 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order." | |||||
| CVE-2013-7439 | 3 Canonical, Debian, X.org | 4 Ubuntu Linux, Debian Linux, Libx11 and 1 more | 2016-10-18 | 7.5 HIGH | N/A |
| Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. | |||||
| CVE-2016-1371 | 2 Canonical, Clamav | 2 Ubuntu Linux, Clamav | 2016-10-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable. | |||||
| CVE-2016-1372 | 2 Canonical, Clamav | 2 Ubuntu Linux, Clamav | 2016-10-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file. | |||||
| CVE-2016-3698 | 4 Canonical, Debian, Libndp and 1 more | 10 Ubuntu Linux, Debian Linux, Libndp and 7 more | 2016-10-04 | 6.8 MEDIUM | 8.1 HIGH |
| libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network. | |||||
| CVE-2013-7327 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2016-09-21 | 6.8 MEDIUM | N/A |
| The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226. | |||||
| CVE-2013-1944 | 2 Canonical, Haxx | 3 Ubuntu Linux, Curl, Libcurl | 2016-09-09 | 5.0 MEDIUM | N/A |
| The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. | |||||
| CVE-2014-1829 | 4 Canonical, Debian, Mageia and 1 more | 4 Ubuntu Linux, Debian Linux, Mageia and 1 more | 2016-08-30 | 5.0 MEDIUM | N/A |
| Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request. | |||||
| CVE-2014-7204 | 3 Canonical, Debian, Mageia | 4 Ubuntu Linux, Debian Linux, Exuberant Ctags and 1 more | 2016-08-30 | 5.0 MEDIUM | N/A |
| jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file. | |||||
| CVE-2014-7145 | 3 Canonical, Linux, Redhat | 6 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 3 more | 2016-08-24 | 7.8 HIGH | N/A |
| The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. | |||||
| CVE-2012-5689 | 3 Canonical, Isc, Redhat | 8 Ubuntu Linux, Bind, Enterprise Linux Desktop and 5 more | 2016-08-19 | 7.1 HIGH | N/A |
| ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. | |||||
| CVE-2016-4558 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2016-08-02 | 6.9 MEDIUM | 7.0 HIGH |
| The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count. | |||||
| CVE-2015-8946 | 2 Canonical, Ecryptfs | 2 Ubuntu Linux, Ecryptfs-utils | 2016-07-27 | 2.1 LOW | 3.3 LOW |
| ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2014-3686 | 3 Canonical, Debian, W1.fi | 4 Ubuntu Linux, Debian Linux, Hostapd and 1 more | 2016-07-27 | 6.8 MEDIUM | N/A |
| wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame. | |||||
| CVE-2016-5360 | 2 Canonical, Haproxy | 2 Ubuntu Linux, Haproxy | 2016-07-01 | 5.0 MEDIUM | 7.5 HIGH |
| HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors. | |||||