Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-03-14 | CVE-2014-2270 | softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. | Ubuntu_linux, Debian_linux, File, Opensuse, Php | N/A | ||
| 2018-07-26 | CVE-2015-9261 | huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. | Busybox, Ubuntu_linux, Debian_linux | 5.5 | ||
| 2017-11-20 | CVE-2017-16544 | In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. | Busybox, Ubuntu_linux, Debian_linux, N\-Tron_702\-W_firmware, N\-Tron_702m12\-W_firmware, Esxi | 8.8 | ||
| 2015-10-21 | CVE-2015-4802 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792. | Ubuntu_linux, Debian_linux, Fedora, Mariadb, Leap, Opensuse, Linux, Mysql, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2014-01-15 | CVE-2014-0393 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB. | Ubuntu_linux, Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2012-10-17 | CVE-2012-3167 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search. | Ubuntu_linux, Debian_linux, Mariadb, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
| 2019-08-09 | CVE-2019-14433 | An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data. | Ubuntu_linux, Debian_linux, Nova, Openstack | 6.5 | ||
| 2018-10-23 | CVE-2018-18584 | In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. | Cabextract, Ubuntu_linux, Debian_linux, Libmspack, Enterprise_linux, Starwind_virtual_san, Linux_enterprise_server | 6.5 | ||
| 2018-10-23 | CVE-2018-18585 | chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). | Ubuntu_linux, Debian_linux, Libmspack, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Starwind_virtual_san, Linux_enterprise_server | 4.3 | ||
| 2020-01-15 | CVE-2019-15961 | A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the... | Ubuntu_linux, Email_security_appliance_firmware, Clamav, Debian_linux | 6.5 |