Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-04-19 | CVE-2014-9761 | Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function. | Ubuntu_linux, Fedora, Glibc, Opensuse, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 9.8 | ||
| 2018-02-27 | CVE-2016-10714 | In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters. | Ubuntu_linux, Zsh | 9.8 | ||
| 2018-02-27 | CVE-2014-10071 | In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax. | Ubuntu_linux, Zsh | 9.8 | ||
| 2019-03-09 | CVE-2019-9637 | An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data. | Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php | 7.5 | ||
| 2019-04-18 | CVE-2019-11035 | When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash. | Ubuntu_linux, Storage_automation_store, Php | 9.1 | ||
| 2019-04-18 | CVE-2019-11034 | When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash. | Ubuntu_linux, Storage_automation_store, Php | 9.1 | ||
| 2018-11-29 | CVE-2018-8789 | FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). | Ubuntu_linux, Debian_linux, Freerdp | 7.5 | ||
| 2018-11-29 | CVE-2018-8788 | FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. | Ubuntu_linux, Debian_linux, Freerdp | 9.8 | ||
| 2018-11-29 | CVE-2018-8787 | FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. | Ubuntu_linux, Debian_linux, Freerdp | 9.8 | ||
| 2018-03-20 | CVE-2018-1000135 | GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have been fixed in Some Ubuntu 16.04 packages were fixed, but later updates removed the fix. cf. https://bugs.launchpad.net/ubuntu/+bug/1754671 an upstream fix does not appear to be available at this time. | Ubuntu_linux, Networkmanager | 7.5 |