Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/ImageMagick/ImageMagick
https://github.com/xkbcommon/libxkbcommon
https://github.com/FreeRDP/FreeRDP
https://github.com/kyz/libmspack
https://github.com/gpac/gpac
https://github.com/dbry/WavPack
https://github.com/curl/curl
https://github.com/file/file
https://github.com/audreyt/module-signature
https://github.com/LibVNC/libvncserver
https://github.com/rubygems/rubygems
https://github.com/Perl/perl5
https://github.com/libarchive/libarchive
https://github.com/tats/w3m
https://github.com/openvswitch/ovs
https://github.com/ntp-project/ntp
https://github.com/apache/httpd
https://github.com/newsoft/libvncserver
https://github.com/dosfstools/dosfstools
https://github.com/memcached/memcached
https://github.com/WebKit/webkit
https://github.com/libgd/libgd
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/git/git
https://github.com/mysql/mysql-server
https://github.com/GNOME/pango
https://github.com/openssh/openssh-portable
https://github.com/dovecot/core
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openstack/nova-lxd
https://github.com/apple/cups
https://github.com/beanshell/beanshell
https://github.com/php/php-src
https://github.com/derickr/timelib
https://github.com/glennrp/libpng
https://github.com/openbsd/src
https://git.savannah.gnu.org/git/patch.git
https://github.com/requests/requests
https://github.com/puppetlabs/puppet
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/simsong/tcpflow
https://github.com/qpdf/qpdf
https://github.com/lxml/lxml
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/ImageMagick/ImageMagick6
https://github.com/mm2/Little-CMS
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://github.com/moinwiki/moin-1.9
https://github.com/pyca/cryptography
https://github.com/libimobiledevice/libimobiledevice
https://github.com/jpirko/libndp
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/kennethreitz/requests
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/hexchat/hexchat
https://github.com/mongodb/mongo-python-driver
https://github.com/openstack/glance
https://github.com/openstack/nova
#Vulnerabilities 2398
Date ID Summary Products Score Patch
2016-06-13 CVE-2016-4355 Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow. Ubuntu_linux, Libksba 7.5
2016-06-13 CVE-2016-4354 ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow. Ubuntu_linux, Libksba 7.5
2016-06-13 CVE-2016-4353 ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data. Ubuntu_linux, Libksba 7.5
2019-08-16 CVE-2019-15098 drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. Ubuntu_linux, Linux_kernel, Active_iq_performance_analytics_services, Active_iq_unified_manager, Data_availability_services, Element_software, Leap N/A
2019-11-21 CVE-2012-3543 mono 2.10.x ASP.NET Web Form Hash collision DoS Ubuntu_linux, Debian_linux, Mono N/A
2019-11-20 CVE-2015-3167 contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack. Ubuntu_linux, Debian_linux, Postgresql N/A
2019-11-20 CVE-2015-3166 The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error. Ubuntu_linux, Debian_linux, Postgresql N/A
2019-11-20 CVE-2015-1607 kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges." Ubuntu_linux, Gnupg N/A
2019-11-13 CVE-2019-2201 In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338 Ubuntu_linux, Android N/A
2019-11-07 CVE-2013-1429 Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. Ubuntu_linux, Debian_linux, Lintian N/A