Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2015-04-24 | CVE-2015-3310 | Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server. | Ubuntu_linux, Debian_linux, Point\-To\-Point_protocol | N/A | ||
2020-02-08 | CVE-2019-11483 | Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. | Apport, Ubuntu_linux | N/A | ||
2020-02-08 | CVE-2019-11482 | Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories. | Apport, Ubuntu_linux | N/A | ||
2020-02-06 | CVE-2014-1958 | Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030. | Ubuntu_linux, Imagemagick, Opensuse | N/A | ||
2020-02-06 | CVE-2014-2030 | Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947. | Ubuntu_linux, Imagemagick, Opensuse | N/A | ||
2018-01-11 | CVE-2018-5333 | In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference. | Ubuntu_linux, Debian_linux, Linux_kernel | 5.5 | ||
2018-08-30 | CVE-2018-16140 | A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file. | Ubuntu_linux, Fig2dev | 7.8 | ||
2020-01-02 | CVE-2013-4532 | Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | Ubuntu_linux, Debian_linux, Qemu | N/A | ||
2019-12-31 | CVE-2013-4357 | The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. | Ubuntu_linux, Debian_linux, Eglibc, Fedora, Suse_linux_enterprise_server | N/A | ||
2020-01-08 | CVE-2019-17025 | Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 72. | Ubuntu_linux, Firefox | N/A |