Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2008-01-10 | CVE-2008-0226 | Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. | Mac_os_x, Ubuntu_linux, Debian_linux, Mysql, Mysql, Yassl | N/A | ||
2019-11-29 | CVE-2015-3406 | The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors. | Ubuntu_linux, Module\-Signature | N/A | ||
2019-12-02 | CVE-2012-4428 | openslp: SLPIntersectStringList()' Function has a DoS vulnerability | Ubuntu_linux, Debian_linux, Fedora, Openslp | N/A | ||
2019-11-20 | CVE-2019-3466 | The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | Ubuntu_linux, Debian_linux, Postgresql\-Common | N/A | ||
2019-04-09 | CVE-2019-0816 | A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'. | Ubuntu_linux | 5.1 | ||
2019-11-21 | CVE-2012-3543 | mono 2.10.x ASP.NET Web Form Hash collision DoS | Ubuntu_linux, Debian_linux, Mono | N/A | ||
2019-11-20 | CVE-2015-3167 | contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack. | Ubuntu_linux, Debian_linux, Postgresql | N/A | ||
2019-11-20 | CVE-2015-3166 | The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error. | Ubuntu_linux, Debian_linux, Postgresql | N/A | ||
2019-11-04 | CVE-2017-5333 | Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file. | Ubuntu_linux, Debian_linux, Icoutils, Leap, Opensuse, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
2019-11-04 | CVE-2017-5332 | The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. | Ubuntu_linux, Debian_linux, Icoutils, Leap, Opensuse, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A |