VYPR

Ubuntu Linux

by Canonical

CVEs (1,886)

  • CVE-2014-9584Jan 9, 2015
    risk 0.00cvss epss 0.00

    The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660…

  • CVE-2014-9529Jan 9, 2015
    risk 0.00cvss epss 0.00

    Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key…

  • CVE-2014-9221Jan 7, 2015
    risk 0.00cvss epss 0.04

    strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.

  • CVE-2014-1425Jan 7, 2015
    risk 0.00cvss epss 0.00

    cmanager 0.32 does not properly enforce nesting when modifying cgroup properties, which allows local users to set cgroup values for all cgroups via unspecified vectors.

  • CVE-2014-8109Dec 29, 2014
    risk 0.00cvss epss 0.22

    mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass…

  • CVE-2014-8132Dec 29, 2014
    risk 0.00cvss epss 0.05

    Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.

  • CVE-2014-8136Dec 19, 2014
    risk 0.00cvss epss 0.00

    The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.

  • CVE-2014-8117Dec 17, 2014
    risk 0.00cvss epss 0.06

    softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.

  • CVE-2014-8116Dec 17, 2014
    risk 0.00cvss epss 0.04

    The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.

  • CVE-2014-5353Dec 16, 2014
    risk 0.00cvss epss 0.05

    The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with…

  • CVE-2014-9323Dec 16, 2014
    risk 0.00cvss epss 0.03

    The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.

  • CVE-2014-6053Dec 15, 2014
    risk 0.00cvss epss 0.08

    The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon…

  • CVE-2014-6052Dec 15, 2014
    risk 0.00cvss epss 0.07

    The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large…

  • CVE-2014-8737Dec 9, 2014
    risk 0.00cvss epss 0.01

    Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an…

  • CVE-2014-8504Dec 9, 2014
    risk 0.00cvss epss 0.06

    Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

  • CVE-2014-8503Dec 9, 2014
    risk 0.00cvss epss 0.06

    Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.

  • CVE-2014-8502Dec 9, 2014
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.

  • CVE-2014-8501Dec 9, 2014
    risk 0.00cvss epss 0.05

    The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE…

  • CVE-2014-8484Dec 9, 2014
    risk 0.00cvss epss 0.05

    The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.

  • CVE-2012-6656Dec 5, 2014
    risk 0.00cvss epss 0.03

    iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.

Page 64 of 95