VYPR

Ubuntu Linux

by Canonical

CVEs (1,886)

  • CVE-2016-10708HigJan 21, 2018
    risk 0.43cvss 7.5epss 0.16

    sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

  • CVE-2017-16533MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16532MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16529MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16528MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16527MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16525MedNov 4, 2017
    risk 0.43cvss 6.6epss 0.00

    The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to…

  • CVE-2014-9092MedOct 10, 2017
    risk 0.43cvss 6.5epss 0.03

    libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.

  • CVE-2017-14166MedSep 6, 2017
    risk 0.43cvss 6.5epss 0.03

    libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c.

  • CVE-2015-1395HigAug 25, 2017
    risk 0.43cvss 7.5epss 0.11

    Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.

  • CVE-2015-7973MedJan 30, 2017
    risk 0.43cvss 6.5epss 0.03

    NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.

  • CVE-2015-8916MedSep 20, 2016
    risk 0.43cvss 6.5epss 0.03

    bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file.

  • CVE-2016-3521MedJul 21, 2016
    risk 0.43cvss 6.5epss 0.06

    Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.

  • CVE-2016-3501MedJul 21, 2016
    risk 0.43cvss 6.5epss 0.04

    Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

  • CVE-2016-3486MedJul 21, 2016
    risk 0.43cvss 6.5epss 0.04

    Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.

  • CVE-2016-2191MedApr 13, 2016
    risk 0.43cvss 6.5epss 0.04

    The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.

  • CVE-2015-7560MedMar 13, 2016
    risk 0.43cvss 6.5epss 0.13

    The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to…

  • CVE-2013-7447MedFeb 17, 2016
    risk 0.43cvss 6.5epss 0.05

    Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image…

  • CVE-2014-1523MedApr 30, 2014
    risk 0.43cvss 6.5epss 0.03

    Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG…

  • CVE-2011-2501MedJul 17, 2011
    risk 0.43cvss 6.5epss 0.03

    The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during…

Page 22 of 95