VYPR

Ubuntu Linux

by Canonical

CVEs (1,886)

  • CVE-2005-1513CriMay 11, 2005
    risk 0.65cvss 9.8epss 0.11

    Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

  • CVE-2024-6387HigJul 1, 2024
    risk 0.64cvss 8.1epss 1.00

    A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time…

  • CVE-2017-17499CriDec 11, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.

  • CVE-2017-17480CriDec 8, 2017
    risk 0.64cvss 9.8epss 0.05

    In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

  • CVE-2017-14746CriNov 27, 2017
    risk 0.64cvss 9.8epss 0.10

    Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.

  • CVE-2017-16548CriNov 6, 2017
    risk 0.64cvss 9.8epss 0.05

    The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified…

  • CVE-2017-15032CriOct 5, 2017
    risk 0.64cvss 9.8epss 0.02

    ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

  • CVE-2017-14632CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.06

    Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

  • CVE-2017-14626CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.

  • CVE-2017-14625CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.

  • CVE-2017-14624CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.

  • CVE-2017-14532CriSep 18, 2017
    risk 0.64cvss 9.8epss 0.03

    ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.

  • CVE-2017-14064CriAug 31, 2017
    risk 0.64cvss 9.8epss 0.09

    Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of…

  • CVE-2017-13139CriAug 23, 2017
    risk 0.64cvss 9.8epss 0.04

    In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.

  • CVE-2017-12762CriAug 9, 2017
    risk 0.64cvss 9.8epss 0.05

    In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.

  • CVE-2016-9843CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.06

    The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.

  • CVE-2016-9841CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.07

    inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

  • CVE-2017-9058CriMay 18, 2017
    risk 0.64cvss 9.8epss 0.02

    In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.

  • CVE-2017-5897CriMar 23, 2017
    risk 0.64cvss 9.8epss 0.05

    The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.

  • CVE-2014-9847CriMar 20, 2017
    risk 0.64cvss 9.8epss 0.05

    The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.

Page 3 of 95