Ubuntu Linux
by Canonical
CVEs (1,886)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7610 | Med | 0.36 | 5.5 | 0.02 | Apr 9, 2017 | The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | ||
| CVE-2017-7608 | Med | 0.36 | 5.5 | 0.02 | Apr 9, 2017 | The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | ||
| CVE-2016-9388 | Med | 0.36 | 5.5 | 0.02 | Mar 23, 2017 | The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | ||
| CVE-2014-9845 | Med | 0.36 | 5.5 | 0.02 | Mar 20, 2017 | The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. | ||
| CVE-2014-9844 | Med | 0.36 | 5.5 | 0.02 | Mar 20, 2017 | The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. | ||
| CVE-2014-9853 | Med | 0.36 | 5.5 | 0.02 | Mar 17, 2017 | Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. | ||
| CVE-2016-5824 | Med | 0.36 | 5.5 | 0.02 | Jan 27, 2017 | libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | ||
| CVE-2016-9318 | Med | 0.36 | 5.5 | 0.03 | Nov 16, 2016 | libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE)… | ||
| CVE-2016-7795 | Med | 0.36 | 5.5 | 0.01 | Oct 13, 2016 | The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket. | ||
| CVE-2016-1372 | Med | 0.36 | 5.5 | 0.02 | Oct 3, 2016 | ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file. | ||
| CVE-2016-1371 | Med | 0.36 | 5.5 | 0.02 | Oct 3, 2016 | ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable. | ||
| CVE-2015-8934 | Med | 0.36 | 5.5 | 0.02 | Sep 20, 2016 | The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file. | ||
| CVE-2015-8933 | Med | 0.36 | 5.5 | 0.02 | Sep 20, 2016 | Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file. | ||
| CVE-2015-8932 | Med | 0.36 | 5.5 | 0.02 | Sep 20, 2016 | The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift. | ||
| CVE-2015-8928 | Med | 0.36 | 5.5 | 0.02 | Sep 20, 2016 | The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. | ||
| CVE-2015-8926 | Med | 0.36 | 5.5 | 0.02 | Sep 20, 2016 | The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. | ||
| CVE-2015-8925 | Med | 0.36 | 5.5 | 0.02 | Sep 20, 2016 | The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing. | ||
| CVE-2015-8924 | Med | 0.36 | 5.5 | 0.05 | Sep 20, 2016 | The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file. | ||
| CVE-2015-8922 | Med | 0.36 | 5.5 | 0.02 | Sep 20, 2016 | The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. | ||
| CVE-2015-8920 | Med | 0.36 | 5.5 | 0.02 | Sep 20, 2016 | The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file. |
- risk 0.36cvss 5.5epss 0.02
The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
- risk 0.36cvss 5.5epss 0.02
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
- risk 0.36cvss 5.5epss 0.02
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
- risk 0.36cvss 5.5epss 0.02
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
- risk 0.36cvss 5.5epss 0.02
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
- risk 0.36cvss 5.5epss 0.02
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
- risk 0.36cvss 5.5epss 0.02
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
- risk 0.36cvss 5.5epss 0.03
libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE)…
- risk 0.36cvss 5.5epss 0.01
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
- risk 0.36cvss 5.5epss 0.02
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
- risk 0.36cvss 5.5epss 0.02
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable.
- risk 0.36cvss 5.5epss 0.02
The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
- risk 0.36cvss 5.5epss 0.02
Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
- risk 0.36cvss 5.5epss 0.02
The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
- risk 0.36cvss 5.5epss 0.02
The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
- risk 0.36cvss 5.5epss 0.02
The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.
- risk 0.36cvss 5.5epss 0.02
The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.
- risk 0.36cvss 5.5epss 0.05
The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.
- risk 0.36cvss 5.5epss 0.02
The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.
- risk 0.36cvss 5.5epss 0.02
The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.
Page 31 of 95