Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-06-07 | CVE-2016-4450 | os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file. | Ubuntu_linux, Debian_linux, Nginx | 7.5 | ||
| 2007-05-10 | CVE-2007-2583 | The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. | Ubuntu_linux, Debian_linux, Mysql | N/A | ||
| 2019-08-14 | CVE-2019-9506 | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. | Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Android, Alp\-Al00b_firmware, Ares\-Al00b_firmware, Ares\-Al10d_firmware, Ares\-Tl00c_firmware, Asoka\-Al00ax_firmware, Atomu\-L33_firmware, Atomu\-L41_firmware, Atomu\-L42_firmware, Barca\-Al00_firmware, Berkeley\-Al20_firmware, Berkeley\-L09_firmware, Berkeley\-Tl10_firmware, Bla\-Al00b_firmware, Bla\-L29c_firmware, Bla\-Tl00b_firmware, Cairogo\-L22_firmware, Charlotte\-L29c_firmware, Columbia\-Al10b_firmware, Columbia\-Al10i_firmware, Columbia\-L29d_firmware, Columbia\-Tl00d_firmware, Cornell\-Al00a_firmware, Cornell\-Al00i_firmware, Cornell\-Al00ind_firmware, Cornell\-Al10ind_firmware, Cornell\-L29a_firmware, Cornell\-Tl10b_firmware, Dubai\-Al00a_firmware, Dura\-Al00a_firmware, Dura\-Tl00a_firmware, Emily\-L29c_firmware, Ever\-L29b_firmware, Figo\-L23_firmware, Figo\-L31_firmware, Figo\-Tl10b_firmware, Florida\-Al20b_firmware, Florida\-L21_firmware, Florida\-L22_firmware, Florida\-L23_firmware, Florida\-Tl10b_firmware, Harry\-Al00c_firmware, Harry\-Al10b_firmware, Harry\-Tl00c_firmware, Hima\-L29c_firmware, Honor_10_lite_firmware, Honor_20_firmware, Honor_20_pro_firmware, Honor_8a_firmware, Honor_8x_firmware, Honor_view_10_firmware, Honor_view_20_firmware, Imanager_neteco_6000_firmware, Imanager_neteco_firmware, Jakarta\-Al00a_firmware, Johnson\-Tl00d_firmware, Johnson\-Tl00f_firmware, Katyusha\-Al00a_firmware, Laya\-Al00ep_firmware, Leland\-L21a_firmware, Leland\-L31a_firmware, Leland\-L32a_firmware, Leland\-L32c_firmware, Leland\-L42a_firmware, Leland\-L42c_firmware, Leland\-Tl10b_firmware, Leland\-Tl10c_firmware, Lelandp\-Al00c_firmware, Lelandp\-Al10b_firmware, Lelandp\-Al10d_firmware, Lelandp\-L22a_firmware, Lelandp\-L22c_firmware, Lelandp\-L22d_firmware, London\-Al40ind_firmware, Madrid\-Al00a_firmware, Madrid\-Tl00a_firmware, Mate_20_firmware, Mate_20_pro_firmware, Mate_20_x_firmware, Neo\-Al00d_firmware, Nova_3_firmware, Nova_4_firmware, Nova_5_firmware, Nova_5i_pro_firmware, Nova_lite_3_firmware, P20_firmware, P20_pro_firmware, P30_firmware, P30_pro_firmware, P_smart_2019_firmware, P_smart_firmware, Paris\-Al00ic_firmware, Paris\-L21b_firmware, Paris\-L21meb_firmware, Paris\-L29b_firmware, Potter\-Al00c_firmware, Potter\-Al10a_firmware, Princeton\-Al10b_firmware, Princeton\-Al10d_firmware, Princeton\-Tl10c_firmware, Sydney\-Al00_firmware, Sydney\-L21_firmware, Sydney\-L21br_firmware, Sydney\-L22_firmware, Sydney\-L22br_firmware, Sydney\-Tl00_firmware, Sydneym\-Al00_firmware, Sydneym\-L01_firmware, Sydneym\-L03_firmware, Sydneym\-L21_firmware, Sydneym\-L22_firmware, Sydneym\-L23_firmware, Tony\-Al00b_firmware, Tony\-Tl00b_firmware, Y5_2018_firmware, Y5_lite_firmware, Y6_2019_firmware, Y6_prime_2018_firmware, Y6_pro_2019_firmware, Y7_2019_firmware, Y9_2019_firmware, Yale\-Al00a_firmware, Yale\-Al50a_firmware, Yale\-L21a_firmware, Yale\-L61c_firmware, Yale\-Tl00b_firmware, Yalep\-Al10b_firmware, Leap, Enterprise_linux, Enterprise_linux_aus, Enterprise_linux_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_eus, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_tus, Mrg_realtime, Virtualization_host_eus | 8.1 | ||
| 2020-07-29 | CVE-2020-11933 | cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659. | Snapd, Ubuntu_linux | 6.8 | ||
| 2019-04-30 | CVE-2019-10131 | An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. | Ubuntu_linux, Debian_linux, Imagemagick, Leap, Enterprise_linux | 7.1 | ||
| 2019-07-11 | CVE-2019-10192 | A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer. | Ubuntu_linux, Debian_linux, Communications_operations_monitor, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Openstack, Software_collections, Redis | 7.2 | ||
| 2019-07-11 | CVE-2019-10193 | A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer. | Ubuntu_linux, Debian_linux, Communications_operations_monitor, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Openstack, Redis | 7.2 | ||
| 2019-02-06 | CVE-2019-3820 | It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions. | Ubuntu_linux, Gnome\-Shell, Leap | 4.3 | ||
| 2020-01-27 | CVE-2019-20421 | In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. | Ubuntu_linux, Debian_linux, Exiv2 | 7.5 | ||
| 2021-06-04 | CVE-2021-3489 | The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee ("bpf, ringbuf: Deny reserve of buffers larger than ringbuf") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 ("bpf: Implement... | Ubuntu_linux, Linux_kernel | 7.8 |