Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/xkbcommon/libxkbcommon
https://github.com/kyz/libmspack
https://github.com/FreeRDP/FreeRDP
https://github.com/gpac/gpac
https://github.com/krb5/krb5
https://github.com/curl/curl
https://github.com/file/file
https://github.com/dbry/WavPack
https://github.com/audreyt/module-signature
https://github.com/LibVNC/libvncserver
https://github.com/openvswitch/ovs
https://github.com/apache/httpd
https://github.com/ntp-project/ntp
https://github.com/newsoft/libvncserver
https://github.com/Perl/perl5
https://github.com/rubygems/rubygems
https://github.com/libarchive/libarchive
https://github.com/tats/w3m
https://github.com/memcached/memcached
https://github.com/erikd/libsndfile
https://github.com/libgd/libgd
https://github.com/dosfstools/dosfstools
https://github.com/php/php-src
https://github.com/WebKit/webkit
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/opencontainers/runc
https://github.com/rdoc/rdoc
https://github.com/ansible/ansible
https://github.com/hexchat/hexchat
https://github.com/GNOME/pango
https://github.com/stoth68000/media-tree
https://github.com/mm2/Little-CMS
https://github.com/ImageMagick/ImageMagick6
https://github.com/requests/requests
https://github.com/kennethreitz/requests
https://github.com/lxml/lxml
https://github.com/beanshell/beanshell
https://github.com/glennrp/libpng
https://github.com/openssh/openssh-portable
https://github.com/git/git
https://github.com/openbsd/src
https://github.com/libjpeg-turbo/libjpeg-turbo
• git://git.openssl.org/openssl.git
https://github.com/mysql/mysql-server
https://github.com/dovecot/core
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openstack/nova-lxd
https://github.com/apple/cups
https://github.com/derickr/timelib
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/qpdf/qpdf
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://github.com/moinwiki/moin-1.9
https://github.com/pyca/cryptography
https://github.com/libimobiledevice/libimobiledevice
https://github.com/jpirko/libndp
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/mongodb/mongo-python-driver
https://github.com/openstack/glance
https://github.com/openstack/nova
#Vulnerabilities 3098
Date Id Summary Products Score Patch Annotated
2017-12-01 CVE-2017-16611 In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files. Ubuntu_linux, Debian_linux, Libxfont 5.5
2016-02-18 CVE-2015-7547 Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. Ubuntu_linux, Debian_linux, Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_domain_name_system, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_policy_enforcement_manager, Glibc, Helion_openstack, Server_migration_pack, Opensuse, Exalogic_infrastructure, Fujitsu_m10_firmware, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Unified_threat_management_software, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server 8.1
2020-01-23 CVE-2015-5239 Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. Ubuntu_linux, Fedora, Qemu, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit 6.5
2013-03-20 CVE-2013-1640 The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog request. Ubuntu_linux, Puppet, Puppet_enterprise N/A
2014-01-07 CVE-2013-4969 Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. Ubuntu_linux, Debian_linux, Puppet_enterprise, Puppet N/A
2018-07-27 CVE-2018-1056 An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files. Advancecomp, Ubuntu_linux, Debian_linux 7.8
2022-01-14 CVE-2022-20698 A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV... Ubuntu_linux, Clamav, Debian_linux 7.5