Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/xkbcommon/libxkbcommon
https://github.com/file/file
https://github.com/FreeRDP/FreeRDP
https://github.com/kyz/libmspack
https://github.com/gpac/gpac
https://github.com/curl/curl
https://github.com/krb5/krb5
https://github.com/apache/httpd
https://github.com/madler/zlib
https://github.com/dbry/WavPack
https://github.com/audreyt/module-signature
https://github.com/tats/w3m
https://github.com/libarchive/libarchive
https://github.com/Perl/perl5
https://github.com/libgd/libgd
https://github.com/ntp-project/ntp
https://github.com/LibVNC/libvncserver
https://github.com/openvswitch/ovs
https://github.com/newsoft/libvncserver
https://github.com/rubygems/rubygems
https://github.com/mm2/Little-CMS
https://github.com/memcached/memcached
https://github.com/erikd/libsndfile
https://github.com/dosfstools/dosfstools
https://github.com/php/php-src
https://github.com/WebKit/webkit
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/bcgit/bc-java
• git://git.openssl.org/openssl.git
https://github.com/mdadams/jasper
https://github.com/pyca/cryptography
https://github.com/opencontainers/runc
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openbsd/src
https://github.com/openssh/openssh-portable
https://github.com/openstack/glance
https://github.com/mongodb/mongo-python-driver
https://github.com/jpirko/libndp
https://github.com/FFmpeg/FFmpeg
https://github.com/requests/requests
https://github.com/glennrp/libpng
https://github.com/vim/vim
https://github.com/rdoc/rdoc
https://github.com/ansible/ansible
https://github.com/hexchat/hexchat
https://github.com/GNOME/pango
https://github.com/stoth68000/media-tree
https://github.com/ImageMagick/ImageMagick6
https://github.com/kennethreitz/requests
https://github.com/lxml/lxml
https://github.com/beanshell/beanshell
https://github.com/git/git
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/mysql/mysql-server
https://github.com/dovecot/core
https://github.com/openstack/nova-lxd
https://github.com/apple/cups
https://github.com/derickr/timelib
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/qpdf/qpdf
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://github.com/moinwiki/moin-1.9
https://github.com/libimobiledevice/libimobiledevice
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/openstack/nova
#Vulnerabilities 4109
Date Id Summary Products Score Patch Annotated
2019-09-13 CVE-2019-15031 In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c. Ubuntu_linux, Linux_kernel, Leap, Enterprise_linux 4.4
2019-09-25 CVE-2019-13627 It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. Ubuntu_linux, Libgcrypt20, Leap 6.3
2019-10-14 CVE-2019-17542 FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. Ubuntu_linux, Debian_linux, Ffmpeg 9.8
2020-01-08 CVE-2019-17020 If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. This vulnerability affects Firefox < 72. Ubuntu_linux, Firefox 6.5
2020-01-17 CVE-2019-14615 Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. Ubuntu_linux, Atom_e3805, Atom_e3805_firmware, Atom_e3815, Atom_e3815_firmware, Atom_e3825, Atom_e3825_firmware, Atom_e3826, Atom_e3826_firmware, Atom_e3827, Atom_e3827_firmware, Atom_e3845, Atom_e3845_firmware, Atom_e620, Atom_e620_firmware, Atom_e620t, Atom_e620t_firmware, Atom_e640, Atom_e640_firmware, Atom_e640t, Atom_e640t_firmware, Atom_e660, Atom_e660_firmware, Atom_e660t, Atom_e660t_firmware, Atom_e680, Atom_e680_firmware, Atom_e680t, Atom_e680t_firmware, Atom_x3\-C3130, Atom_x3\-C3130_firmware, Atom_x3\-C3200rk, Atom_x3\-C3200rk_firmware, Atom_x3\-C3230rk, Atom_x3\-C3230rk_firmware, Atom_x3\-C3405, Atom_x3\-C3405_firmware, Atom_x3\-C3445, Atom_x3\-C3445_firmware, Atom_x5\-Z8300, Atom_x5\-Z8300_firmware, Atom_x5\-Z8330, Atom_x5\-Z8330_firmware, Atom_x5\-Z8500, Atom_x5\-Z8500_firmware, Atom_x7\-Z8700, Atom_x7\-Z8700_firmware, Atom_z2420, Atom_z2420_firmware, Atom_z2460, Atom_z2460_firmware, Atom_z2480, Atom_z2480_firmware, Atom_z2520, Atom_z2520_firmware, Atom_z2560, Atom_z2560_firmware, Atom_z2580, Atom_z2580_firmware, Atom_z2760, Atom_z2760_firmware, Atom_z3460, Atom_z3460_firmware, Atom_z3480, Atom_z3480_firmware, Atom_z3530, Atom_z3530_firmware, Atom_z3560, Atom_z3560_firmware, Atom_z3570, Atom_z3570_firmware, Atom_z3580, Atom_z3580_firmware, Atom_z3590, Atom_z3590_firmware, Atom_z3735d, Atom_z3735d_firmware, Atom_z3735e, Atom_z3735e_firmware, Atom_z3735f, Atom_z3735f_firmware, Atom_z3735g, Atom_z3735g_firmware, Atom_z3736f, Atom_z3736f_firmware, Atom_z3736g, Atom_z3736g_firmware, Atom_z3740, Atom_z3740_firmware, Atom_z3740d, Atom_z3740d_firmware, Atom_z3745, Atom_z3745_firmware, Atom_z3745d, Atom_z3745d_firmware, Atom_z3770, Atom_z3770_firmware, Atom_z3770d, Atom_z3770d_firmware, Atom_z3775, Atom_z3775_firmware, Atom_z3775d, Atom_z3775d_firmware, Atom_z3785, Atom_z3785_firmware, Atom_z3795, Atom_z3795_firmware, Celeron, Celeron_firmware, Celeron_g3900, Celeron_g3900_firmware, Celeron_g3930, Celeron_g3930_firmware, Celeron_g3930t, Celeron_g3930t_firmware, Celeron_g3950, Celeron_g3950_firmware, Celeron_g4900, Celeron_g4900_firmware, Celeron_g4900t, Celeron_g4900t_firmware, Celeron_g4920, Celeron_g4920_firmware, Celeron_g4930, Celeron_g4930_firmware, Celeron_g4930t, Celeron_g4930t_firmware, Celeron_g4950, Celeron_g4950_firmware, Celeron_j, Celeron_j1750, Celeron_j1750_firmware, Celeron_j1800, Celeron_j1800_firmware, Celeron_j1850, Celeron_j1850_firmware, Celeron_j1900, Celeron_j1900_firmware, Celeron_j3355e, Celeron_j3355e_firmware, Celeron_j4025, Celeron_j4025_firmware, Celeron_j4125, Celeron_j4125_firmware, Celeron_j_firmware, Celeron_n, Celeron_n2805, Celeron_n2805_firmware, Celeron_n2806, Celeron_n2806_firmware, Celeron_n2807, Celeron_n2807_firmware, Celeron_n2808, Celeron_n2808_firmware, Celeron_n2810, Celeron_n2810_firmware, Celeron_n2815, Celeron_n2815_firmware, Celeron_n2820, Celeron_n2820_firmware, Celeron_n2910, Celeron_n2910_firmware, Celeron_n2920, Celeron_n2920_firmware, Celeron_n3010, Celeron_n3010_firmware, Celeron_n3050, Celeron_n3050_firmware, Celeron_n3060, Celeron_n3060_firmware, Celeron_n3150, Celeron_n3150_firmware, Celeron_n3160, Celeron_n3160_firmware, Celeron_n3350e, Celeron_n3350e_firmware, Celeron_n4020, Celeron_n4020_firmware, Celeron_n4120, Celeron_n4120_firmware, Celeron_n_firmware, Core_i3\-1000g1_firmware, Core_i3\-1000g4_firmware, Core_i3\-1005g1_firmware, Core_i3\-10110u_firmware, Core_i3\-10110y_firmware, Core_i3\-6006u_firmware, Core_i3\-6098p_firmware, Core_i3\-6100_firmware, Core_i3\-6100e_firmware, Core_i3\-6100h_firmware, Core_i3\-6100t_firmware, Core_i3\-6100te_firmware, Core_i3\-6100u_firmware, Core_i3\-6102e_firmware, Core_i3\-6157u_firmware, Core_i3\-6167u_firmware, Core_i3\-6300_firmware, Core_i3\-6300t_firmware, Core_i3\-6320_firmware, Core_i3\-7020u_firmware, Core_i3\-7100_firmware, Core_i3\-7100e_firmware, Core_i3\-7100h_firmware, Core_i3\-7100t_firmware, Core_i3\-7100u_firmware, Core_i3\-7101e_firmware, Core_i3\-7101te_firmware, Core_i3\-7102e_firmware, Core_i3\-7130u_firmware, Core_i3\-7167u_firmware, Core_i3\-7300_firmware, Core_i3\-7300t_firmware, Core_i3\-7320_firmware, Core_i3\-7350k_firmware, Core_i3\-8100_firmware, Core_i3\-8100b_firmware, Core_i3\-8100h_firmware, Core_i3\-8100t_firmware, Core_i3\-8109u_firmware, Core_i3\-8130u_firmware, Core_i3\-8145u_firmware, Core_i3\-8145ue_firmware, Core_i3\-8300_firmware, Core_i3\-8300t_firmware, Core_i3\-8350k_firmware, Core_i3\-9100_firmware, Core_i3\-9100e_firmware, Core_i3\-9100f_firmware, Core_i3\-9100hl_firmware, Core_i3\-9100t_firmware, Core_i3\-9100te_firmware, Core_i3\-9300_firmware, Core_i3\-9300t_firmware, Core_i3\-9320_firmware, Core_i3\-9350k_firmware, Core_i3\-9350kf_firmware, Core_i5\-10210u_firmware, Core_i5\-10210y_firmware, Core_i5\-1030g4_firmware, Core_i5\-1030g7_firmware, Core_i5\-10310y_firmware, Core_i5\-1035g1_firmware, Core_i5\-1035g4_firmware, Core_i5\-1035g7_firmware, Core_i5\-6200u_firmware, Core_i5\-6260u_firmware, Core_i5\-6267u_firmware, Core_i5\-6287u_firmware, Core_i5\-6300hq_firmware, Core_i5\-6300u_firmware, Core_i5\-6350hq_firmware, Core_i5\-6360u_firmware, Core_i5\-6400_firmware, Core_i5\-6400t_firmware, Core_i5\-6402p_firmware, Core_i5\-6440eq_firmware, Core_i5\-6440hq_firmware, Core_i5\-6442eq_firmware, Core_i5\-6500_firmware, Core_i5\-6500t_firmware, Core_i5\-6500te_firmware, Core_i5\-6585r_firmware, Core_i5\-6600_firmware, Core_i5\-6600k_firmware, Core_i5\-6600t_firmware, Core_i5\-6685r_firmware, Core_i5\-7200u_firmware, Core_i5\-7260u_firmware, Core_i5\-7267u_firmware, Core_i5\-7287u_firmware, Core_i5\-7300hq_firmware, Core_i5\-7300u_firmware, Core_i5\-7360u_firmware, Core_i5\-7400_firmware, Core_i5\-7400t_firmware, Core_i5\-7440eq_firmware, Core_i5\-7440hq_firmware, Core_i5\-7442eq_firmware, Core_i5\-7500_firmware, Core_i5\-7500t_firmware, Core_i5\-7600_firmware, Core_i5\-7600k_firmware, Core_i5\-7600t_firmware, Core_i5\-7y54_firmware, Core_i5\-7y57_firmware, Core_i5\-8200y_firmware, Core_i5\-8210y_firmware, Core_i5\-8250u_firmware, Core_i5\-8257u_firmware, Core_i5\-8259u_firmware, Core_i5\-8265u_firmware, Core_i5\-8269u_firmware, Core_i5\-8279u_firmware, Core_i5\-8300h_firmware, Core_i5\-8305g_firmware, Core_i5\-8310y_firmware, Core_i5\-8350u_firmware, Core_i5\-8365u_firmware, Core_i5\-8365ue_firmware, Core_i5\-8400_firmware, Core_i5\-8400b_firmware, Core_i5\-8400h_firmware, Core_i5\-8400t_firmware, Core_i5\-8500_firmware, Core_i5\-8500b_firmware, Core_i5\-8500t_firmware, Core_i5\-8600_firmware, Core_i5\-8600k_firmware, Core_i5\-8600t_firmware, Core_i5\-9300h_firmware, Core_i5\-9300hf_firmware, Core_i5\-9400_firmware, Core_i5\-9400f_firmware, Core_i5\-9400h_firmware, Core_i5\-9400t_firmware, Core_i5\-9500_firmware, Core_i5\-9500e_firmware, Core_i5\-9500f_firmware, Core_i5\-9500t_firmware, Core_i5\-9500te_firmware, Core_i5\-9600_firmware, Core_i5\-9600k_firmware, Core_i5\-9600kf_firmware, Core_i5\-9600t_firmware, Core_i7\-10510u_firmware, Core_i7\-10510y_firmware, Core_i7\-1060g7_firmware, Core_i7\-1065g7_firmware, Core_i7\-10710u_firmware, Core_i7\-6500u_firmware, Core_i7\-6560u_firmware, Core_i7\-6567u_firmware, Core_i7\-6600u_firmware, Core_i7\-6650u_firmware, Core_i7\-6660u_firmware, Core_i7\-6700_firmware, Core_i7\-6700hq_firmware, Core_i7\-6700k_firmware, Core_i7\-6700t_firmware, Core_i7\-6700te_firmware, Core_i7\-6770hq_firmware, Core_i7\-6785r_firmware, Core_i7\-6820eq_firmware, Core_i7\-6820hk_firmware, Core_i7\-6820hq_firmware, Core_i7\-6822eq_firmware, Core_i7\-6870hq_firmware, Core_i7\-6920hq_firmware, Core_i7\-6970hq_firmware, Core_i7\-7500u_firmware, Core_i7\-7560u_firmware, Core_i7\-7567u_firmware, Core_i7\-7600u_firmware, Core_i7\-7660u_firmware, Core_i7\-7700_firmware, Core_i7\-7700hq_firmware, Core_i7\-7700k_firmware, Core_i7\-7700t_firmware, Core_i7\-7820eq_firmware, Core_i7\-7820hk_firmware, Core_i7\-7820hq_firmware, Core_i7\-7920hq_firmware, Core_i7\-7y75_firmware, Core_i7\-8086k_firmware, Core_i7\-8500y_firmware, Core_i7\-8550u_firmware, Core_i7\-8557u_firmware, Core_i7\-8559u_firmware, Core_i7\-8565u_firmware, Core_i7\-8569u_firmware, Core_i7\-8650u_firmware, Core_i7\-8665u_firmware, Core_i7\-8665ue_firmware, Core_i7\-8700_firmware, Core_i7\-8700b_firmware, Core_i7\-8700k_firmware, Core_i7\-8700t_firmware, Core_i7\-8705g_firmware, Core_i7\-8706g_firmware, Core_i7\-8709g_firmware, Core_i7\-8750h_firmware, Core_i7\-8809g_firmware, Core_i7\-8850h_firmware, Core_i7\-9700_firmware, Core_i7\-9700e_firmware, Core_i7\-9700f_firmware, Core_i7\-9700k_firmware, Core_i7\-9700kf_firmware, Core_i7\-9700t_firmware, Core_i7\-9700te_firmware, Core_i7\-9750h_firmware, Core_i7\-9750hf_firmware, Core_i7\-9850h_firmware, Core_i7\-9850he_firmware, Core_i7\-9850hl_firmware, Xeon_e3\-1220_firmware, Xeon_e3\-1225_firmware, Xeon_e3\-1230_firmware, Xeon_e3\-1235l_firmware, Xeon_e3\-1240_firmware, Xeon_e3\-1240l_firmware, Xeon_e3\-1245_firmware, Xeon_e3\-1260l_firmware, Xeon_e3\-1268l_firmware, Xeon_e3\-1270_firmware, Xeon_e3\-1275_firmware, Xeon_e3\-1280_firmware, Xeon_e3\-1285_firmware, Xeon_e3\-1501l_firmware, Xeon_e3\-1501m_firmware, Xeon_e3\-1505l_firmware, Xeon_e3\-1505m_firmware, Xeon_e3\-1515m_firmware, Xeon_e3\-1535m_firmware, Xeon_e3\-1545m_firmware, Xeon_e3\-1558l_firmware, Xeon_e3\-1565l_firmware, Xeon_e3\-1575m_firmware, Xeon_e3\-1578l_firmware, Xeon_e3\-1585_firmware, Xeon_e3\-1585l_firmware, Xeon_e\-2104g_firmware, Xeon_e\-2124_firmware, Xeon_e\-2124g_firmware, Xeon_e\-2126g_firmware, Xeon_e\-2134_firmware, Xeon_e\-2136_firmware, Xeon_e\-2144g_firmware, Xeon_e\-2146g_firmware, Xeon_e\-2174g_firmware, Xeon_e\-2176g_firmware, Xeon_e\-2186g_firmware, Xeon_e\-2224_firmware, Xeon_e\-2224g_firmware, Xeon_e\-2226g_firmware, Xeon_e\-2234_firmware, Xeon_e\-2236_firmware, Xeon_e\-2244g_firmware, Xeon_e\-2246g_firmware, Xeon_e\-2274g_firmware, Xeon_e\-2276g_firmware, Xeon_e\-2278g_firmware, Xeon_e\-2286g_firmware, Xeon_e\-2288g_firmware 5.5
2020-04-15 CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash... Ubuntu_linux, Debian_linux, Leap, Squid 5.9
2020-04-17 CVE-2019-7306 Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu Byobu, Ubuntu_linux 7.5
2020-07-15 CVE-2019-20908 An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032. Ubuntu_linux, Linux_kernel, Leap 6.7
2016-04-21 CVE-2013-7449 The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Ubuntu_linux, Hexchat, Xchat, Xchat_gnome 6.5
2018-03-08 CVE-2018-7183 Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. Ubuntu_linux, Freebsd, Element_software, Ntp 9.8