VYPR

Ubuntu Linux

by Canonical

CVEs (1,886)

  • CVE-2017-15033HigOct 5, 2017
    risk 0.49cvss 7.5epss 0.02

    ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.

  • CVE-2017-6362HigSep 7, 2017
    risk 0.49cvss 7.5epss 0.05

    Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.

  • CVE-2015-1325HigAug 25, 2017
    risk 0.49cvss 7.0epss 0.01

    Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write…

  • CVE-2017-12836HigAug 24, 2017
    risk 0.49cvss 7.5epss 0.06

    CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."

  • CVE-2011-5325HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.07

    Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.

  • CVE-2017-11591HigJul 24, 2017
    risk 0.49cvss 7.5epss 0.03

    There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.

  • CVE-2015-5300HigJul 21, 2017
    risk 0.49cvss 7.5epss 0.09

    The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up…

  • CVE-2017-1000050HigJul 17, 2017
    risk 0.49cvss 7.5epss 0.03

    JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.

  • CVE-2015-5180HigJun 27, 2017
    risk 0.49cvss 7.5epss 0.06

    res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).

  • CVE-2017-9022HigJun 8, 2017
    risk 0.49cvss 7.5epss 0.02

    The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.

  • CVE-2017-7645HigApr 18, 2017
    risk 0.49cvss 7.5epss 0.06

    The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.

  • CVE-2016-6489HigApr 14, 2017
    risk 0.49cvss 7.5epss 0.05

    The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.

  • CVE-2014-9851HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

  • CVE-2014-9850HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

  • CVE-2014-9849HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

  • CVE-2014-9848HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).

  • CVE-2014-9842HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

  • CVE-2014-9854HigMar 17, 2017
    risk 0.49cvss 7.5epss 0.04

    coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

  • CVE-2017-6960HigMar 17, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable.

  • CVE-2016-10109HigFeb 23, 2017
    risk 0.49cvss 7.5epss 0.04

    Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.

Page 16 of 95