Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-12-19 | CVE-2018-15127 | LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution | Ubuntu_linux, Debian_linux, Libvncserver, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 9.8 | ||
| 2017-09-07 | CVE-2017-14174 | In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. | Ubuntu_linux, Debian_linux, Imagemagick | 6.5 | ||
| 2017-11-05 | CVE-2017-16546 | The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file. | Ubuntu_linux, Debian_linux, Imagemagick | 8.8 | ||
| 2016-06-14 | CVE-2016-5238 | The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode. | Ubuntu_linux, Debian_linux, Qemu | 4.4 | ||
| 2016-09-02 | CVE-2016-5107 | The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors. | Ubuntu_linux, Debian_linux, Qemu | 6.0 | ||
| 2016-09-02 | CVE-2016-5106 | The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command. | Ubuntu_linux, Debian_linux, Qemu | 6.0 | ||
| 2016-09-02 | CVE-2016-5105 | The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command. | Ubuntu_linux, Debian_linux, Qemu | 4.4 | ||
| 2016-09-02 | CVE-2016-4952 | QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command. | Ubuntu_linux, Debian_linux, Qemu | 6.0 | ||
| 2016-04-07 | CVE-2016-2510 | BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler. | Beanshell, Ubuntu_linux, Debian_linux | 8.1 | ||
| 2019-12-30 | CVE-2019-20079 | The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory. | Ubuntu_linux, Vim | 7.8 |