VYPR

Ubuntu Linux

by Canonical

CVEs (1,886)

  • CVE-2016-0642MedApr 21, 2016
    risk 0.31cvss 4.7epss 0.01

    Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.

  • CVE-2016-1947MedJan 31, 2016
    risk 0.31cvss 4.7epss 0.02

    Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.

  • CVE-2009-4895MedSep 8, 2010
    risk 0.31cvss 4.7epss 0.00

    Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the…

  • CVE-2005-3106MedSep 30, 2005
    risk 0.31cvss 4.7epss 0.00

    Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.

  • CVE-2005-1111MedMay 2, 2005
    risk 0.31cvss 4.7epss 0.00

    Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.

  • CVE-2016-3951MedMay 2, 2016
    risk 0.30cvss 4.6epss 0.01

    Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.

  • CVE-2016-3689MedMay 2, 2016
    risk 0.30cvss 4.6epss 0.01

    The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.

  • CVE-2016-3138MedMay 2, 2016
    risk 0.30cvss 4.6epss 0.01

    The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.

  • CVE-2016-3137MedMay 2, 2016
    risk 0.30cvss 4.6epss 0.01

    drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the…

  • CVE-2015-2808LowApr 1, 2015
    risk 0.30cvss 3.7epss 0.74

    The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing…

  • CVE-2017-12153MedSep 21, 2017
    risk 0.29cvss 4.4epss 0.00

    A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the…

  • CVE-2014-9637MedAug 25, 2017
    risk 0.29cvss 5.5epss 0.02

    GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.

  • CVE-2016-5105MedSep 2, 2016
    risk 0.29cvss 4.4epss 0.00

    The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware…

  • CVE-2016-5238MedJun 14, 2016
    risk 0.29cvss 4.4epss 0.00

    The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.

  • CVE-2016-4453MedJun 1, 2016
    risk 0.29cvss 4.4epss 0.00

    The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.

  • CVE-2016-1837MedMay 20, 2016
    risk 0.29cvss 5.5epss 0.04

    Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial…

  • CVE-2016-1836MedMay 20, 2016
    risk 0.29cvss 5.5epss 0.04

    Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.

  • CVE-2016-1833MedMay 20, 2016
    risk 0.29cvss 5.5epss 0.03

    The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

  • CVE-2016-2383MedApr 27, 2016
    risk 0.29cvss 5.5epss 0.00

    The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF…

  • CVE-2015-8552MedApr 13, 2016
    risk 0.29cvss 4.4epss 0.00

    The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with…

Page 35 of 95