VYPR

Ubuntu

by Ubuntu

CVEs (32)

  • CVE-2017-10995MedJul 7, 2017
    risk 0.36cvss 5.5epss 0.02

    The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.

  • CVE-2015-8926MedSep 20, 2016
    risk 0.36cvss 5.5epss 0.02

    The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.

  • CVE-2017-0627MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…

  • CVE-2015-2150Mar 12, 2015
    risk 0.00cvss epss 0.01

    Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a…

  • CVE-2013-2186Oct 28, 2013
    risk 0.00cvss epss 0.13

    The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.

  • CVE-2009-1296Jun 9, 2009
    risk 0.00cvss epss 0.00

    The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root.

  • CVE-2009-1295Apr 30, 2009
    risk 0.00cvss epss 0.00

    Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors.

  • CVE-2008-5104Nov 17, 2008
    risk 0.00cvss epss 0.00

    Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by (1) python-vm-builder or (2) ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! (exclamation point) as the default root password, which allows attackers to bypass intended login restrictions.

  • CVE-2008-4776Oct 28, 2008
    risk 0.00cvss epss 0.01

    libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.

  • CVE-2008-3521Oct 2, 2008
    risk 0.00cvss epss 0.00

    Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally…

  • CVE-2007-5972Dec 6, 2007
    risk 0.00cvss epss 0.03

    Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must…

  • CVE-2007-3920Oct 29, 2007
    risk 0.00cvss epss 0.00

    GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.

Page 2 of 2