Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-06-04 | CVE-2022-28654 | is_closing_session() allows users to fill up apport.log | Apport, Ubuntu_linux | 5.5 | ||
| 2024-06-04 | CVE-2022-28655 | is_closing_session() allows users to create arbitrary tcp dbus connections | Apport, Ubuntu_linux | 7.1 | ||
| 2024-06-04 | CVE-2022-28657 | Apport does not disable python crash handler before entering chroot | Apport, Ubuntu_linux | 7.8 | ||
| 2024-06-04 | CVE-2022-28658 | Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing | Apport, Ubuntu_linux | 5.5 | ||
| 2024-07-01 | CVE-2024-6387 | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. | Linux_2023, Ubuntu_linux, Debian_linux, Freebsd, E\-Series_santricity_os_controller, Ontap_select_deploy_administration_utility, Ontap_tools, Netbsd, Openssh, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_arm_64, Enterprise_linux_for_arm_64_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Openshift_container_platform, Linux_enterprise_micro | 8.1 | ||
| 2016-06-10 | CVE-2016-5118 | The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | Ubuntu_linux, Debian_linux, Graphicsmagick, Imagemagick, Leap, Opensuse, Linux, Solaris, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Studio_onsite | 9.8 | ||
| 2017-03-20 | CVE-2014-9848 | Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). | Ubuntu_linux, Imagemagick, Leap, Opensuse, Leap, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_server_for_raspberry_pi, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension | 7.5 | ||
| 2017-03-17 | CVE-2014-9853 | Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. | Ubuntu_linux, Imagemagick, Leap, Leap, Opensuse, Suse_linux_enterprise_software_development_kit, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension | 5.5 | ||
| 2017-03-17 | CVE-2014-9854 | coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." | Ubuntu_linux, Imagemagick, Leap, Opensuse, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 7.5 | ||
| 2015-05-21 | CVE-2015-4000 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | Iphone_os, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Chrome, Hp\-Ux, Content_manager, Internet_explorer, Firefox, Firefox_esr, Firefox_os, Network_security_services, Seamonkey, Thunderbird, Openssl, Opera_browser, Jdk, Jre, Jrockit, Sparc\-Opl_service_processor, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 3.7 |