Ubuntu_linux - Vulncode-DB

Date	Id	Summary	Products	Score
2014-03-14	CVE-2014-2270	softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.	Ubuntu_linux, Debian_linux, File, Opensuse, Php	N/A
2018-07-26	CVE-2015-9261	huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.	Busybox, Ubuntu_linux, Debian_linux	5.5
2019-01-09	CVE-2019-5747	An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.	Busybox, Ubuntu_linux	7.5
2017-11-20	CVE-2017-16544	In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.	Busybox, Ubuntu_linux, Debian_linux, N\-Tron_702\-W_firmware, N\-Tron_702m12\-W_firmware, Esxi	8.8
2015-10-21	CVE-2015-4802	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.	Ubuntu_linux, Debian_linux, Fedora, Mariadb, Leap, Opensuse, Linux, Mysql, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation	N/A
2014-01-15	CVE-2014-0393	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.	Ubuntu_linux, Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation	N/A
2012-10-17	CVE-2012-3167	Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.	Ubuntu_linux, Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation	N/A
2019-08-09	CVE-2019-14433	An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.	Ubuntu_linux, Debian_linux, Nova, Openstack	6.5
2018-10-23	CVE-2018-18584	In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.	Cabextract, Ubuntu_linux, Debian_linux, Libmspack, Enterprise_linux, Starwind_virtual_san, Linux_enterprise_server	6.5
2018-10-23	CVE-2018-18585	chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).	Ubuntu_linux, Debian_linux, Libmspack, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Starwind_virtual_san, Linux_enterprise_server	4.3

Product: Ubuntu_linux (Canonical)

Product:
Ubuntu_linux
(Canonical)