Ubuntu Linux
by Canonical
CVEs (1,886)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-1513 | Cri | 0.65 | 9.8 | 0.11 | May 11, 2005 | Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request. | ||
| CVE-2024-6387 | Hig | 0.64 | 8.1 | 1.00 | Jul 1, 2024 | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time… | ||
| CVE-2017-17499 | Cri | 0.64 | 9.8 | 0.03 | Dec 11, 2017 | ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp. | ||
| CVE-2017-17480 | Cri | 0.64 | 9.8 | 0.05 | Dec 8, 2017 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution. | ||
| CVE-2017-14746 | Cri | 0.64 | 9.8 | 0.10 | Nov 27, 2017 | Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request. | ||
| CVE-2017-16548 | Cri | 0.64 | 9.8 | 0.05 | Nov 6, 2017 | The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified… | ||
| CVE-2017-15032 | Cri | 0.64 | 9.8 | 0.02 | Oct 5, 2017 | ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. | ||
| CVE-2017-14632 | Cri | 0.64 | 9.8 | 0.06 | Sep 21, 2017 | Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. | ||
| CVE-2017-14626 | Cri | 0.64 | 9.8 | 0.03 | Sep 21, 2017 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c. | ||
| CVE-2017-14625 | Cri | 0.64 | 9.8 | 0.03 | Sep 21, 2017 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. | ||
| CVE-2017-14624 | Cri | 0.64 | 9.8 | 0.03 | Sep 21, 2017 | ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c. | ||
| CVE-2017-14532 | Cri | 0.64 | 9.8 | 0.03 | Sep 18, 2017 | ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. | ||
| CVE-2017-14064 | Cri | 0.64 | 9.8 | 0.09 | Aug 31, 2017 | Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of… | ||
| CVE-2017-13139 | Cri | 0.64 | 9.8 | 0.04 | Aug 23, 2017 | In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk. | ||
| CVE-2017-12762 | Cri | 0.64 | 9.8 | 0.05 | Aug 9, 2017 | In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree. | ||
| CVE-2016-9843 | Cri | 0.64 | 9.8 | 0.06 | May 23, 2017 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | ||
| CVE-2016-9841 | Cri | 0.64 | 9.8 | 0.07 | May 23, 2017 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | ||
| CVE-2017-9058 | Cri | 0.64 | 9.8 | 0.02 | May 18, 2017 | In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c. | ||
| CVE-2017-5897 | Cri | 0.64 | 9.8 | 0.05 | Mar 23, 2017 | The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. | ||
| CVE-2014-9847 | Cri | 0.64 | 9.8 | 0.05 | Mar 20, 2017 | The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. |
- risk 0.65cvss 9.8epss 0.11
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
- risk 0.64cvss 8.1epss 1.00
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time…
- risk 0.64cvss 9.8epss 0.03
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
- risk 0.64cvss 9.8epss 0.05
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
- risk 0.64cvss 9.8epss 0.10
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
- risk 0.64cvss 9.8epss 0.05
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified…
- risk 0.64cvss 9.8epss 0.02
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
- risk 0.64cvss 9.8epss 0.06
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
- risk 0.64cvss 9.8epss 0.03
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
- risk 0.64cvss 9.8epss 0.03
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
- risk 0.64cvss 9.8epss 0.03
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
- risk 0.64cvss 9.8epss 0.03
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
- risk 0.64cvss 9.8epss 0.09
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of…
- risk 0.64cvss 9.8epss 0.04
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
- risk 0.64cvss 9.8epss 0.05
In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.
- risk 0.64cvss 9.8epss 0.06
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
- risk 0.64cvss 9.8epss 0.07
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- risk 0.64cvss 9.8epss 0.02
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
- risk 0.64cvss 9.8epss 0.05
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.
- risk 0.64cvss 9.8epss 0.05
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
Page 3 of 95