Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/xkbcommon/libxkbcommon
https://github.com/kyz/libmspack
https://github.com/FreeRDP/FreeRDP
https://github.com/gpac/gpac
https://github.com/krb5/krb5
https://github.com/curl/curl
https://github.com/dbry/WavPack
https://github.com/madler/zlib
https://github.com/file/file
https://github.com/audreyt/module-signature
https://github.com/apache/httpd
https://github.com/libgd/libgd
https://github.com/LibVNC/libvncserver
https://github.com/openvswitch/ovs
https://github.com/ntp-project/ntp
https://github.com/newsoft/libvncserver
https://github.com/Perl/perl5
https://github.com/rubygems/rubygems
https://github.com/libarchive/libarchive
https://github.com/tats/w3m
https://github.com/memcached/memcached
https://github.com/erikd/libsndfile
https://github.com/dosfstools/dosfstools
https://github.com/php/php-src
https://github.com/WebKit/webkit
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/requests/requests
https://github.com/glennrp/libpng
https://github.com/vim/vim
https://github.com/opencontainers/runc
https://github.com/rdoc/rdoc
https://github.com/ansible/ansible
https://github.com/hexchat/hexchat
https://github.com/GNOME/pango
https://github.com/stoth68000/media-tree
https://github.com/mm2/Little-CMS
https://github.com/ImageMagick/ImageMagick6
https://github.com/kennethreitz/requests
https://github.com/lxml/lxml
https://github.com/beanshell/beanshell
https://github.com/openssh/openssh-portable
https://github.com/git/git
https://github.com/openbsd/src
https://github.com/libjpeg-turbo/libjpeg-turbo
• git://git.openssl.org/openssl.git
https://github.com/mysql/mysql-server
https://github.com/dovecot/core
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openstack/nova-lxd
https://github.com/apple/cups
https://github.com/derickr/timelib
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/qpdf/qpdf
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://github.com/moinwiki/moin-1.9
https://github.com/pyca/cryptography
https://github.com/libimobiledevice/libimobiledevice
https://github.com/jpirko/libndp
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/mongodb/mongo-python-driver
https://github.com/openstack/glance
https://github.com/openstack/nova
#Vulnerabilities 3561
Date Id Summary Products Score Patch Annotated
2014-03-21 CVE-2014-2497 The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. Ubuntu_linux, Debian_linux, Solaris, Php, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2019-01-09 CVE-2019-5747 An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679. Busybox, Ubuntu_linux 7.5
2020-07-15 CVE-2020-14562 Vulnerability in the Java SE product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients... Ubuntu_linux, Debian_linux, Fedora, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, E\-Series_santricity_web_services_proxy, Leap, Jdk 5.3
2018-11-07 CVE-2018-19058 An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file. Ubuntu_linux, Debian_linux, Poppler 6.5
2019-01-01 CVE-2018-20650 A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. Ubuntu_linux, Poppler 6.5
2019-08-01 CVE-2019-14494 An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc. Ubuntu_linux, Fedora, Poppler 7.5
2020-04-15 CVE-2020-2757 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE,... Ubuntu_linux, Debian_linux, Fedora, Epolicy_orchestrator, Active_iq_unified_manager, E\-Series_santricity_os_controller, Snapmanager, Storagegrid, Leap, Jdk, Jre, Openjdk 3.7
2020-04-15 CVE-2020-2805 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded,... Ubuntu_linux, Debian_linux, Fedora, 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_backup, E\-Series_performance_analyzer, E\-Series_santricity_os_controller, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Santricity_unified_manager, Snapmanager, Steelstore_cloud_integrated_storage, Storagegrid, Leap, Jdk, Jre, Openjdk 8.3
2020-04-15 CVE-2020-2781 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note:... Ubuntu_linux, Debian_linux, Fedora, Threat_intelligence_exchange_server, Active_iq_unified_manager, E\-Series_santricity_os_controller, Snapmanager, Storagegrid, Leap, Jdk, Jre, Openjdk 5.3
2020-04-15 CVE-2020-2755 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE... Ubuntu_linux, Debian_linux, Fedora, Epolicy_orchestrator, Active_iq_unified_manager, E\-Series_santricity_os_controller, Snapmanager, Storagegrid, Leap, Jdk, Jre, Openjdk 3.7