Filtered by vendor Canonical
Subscribe
Total
3915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5715 | 7 Arm, Canonical, Debian and 4 more | 221 Cortex-a, Ubuntu Linux, Debian Linux and 218 more | 2024-02-04 | 1.9 LOW | 5.6 MEDIUM |
| Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |||||
| CVE-2017-15275 | 4 Canonical, Debian, Redhat and 1 more | 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. | |||||
| CVE-2017-17886 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file. | |||||
| CVE-2017-11591 | 2 Canonical, Exiv2 | 2 Ubuntu Linux, Exiv2 | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | |||||
| CVE-2017-15908 | 2 Canonical, Systemd Project | 2 Ubuntu Linux, Systemd | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. | |||||
| CVE-2017-17814 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack. | |||||
| CVE-2017-17812 | 2 Canonical, Nasm | 2 Ubuntu Linux, Netwide Assembler | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack. | |||||
| CVE-2017-15298 | 2 Canonical, Git-scm | 2 Ubuntu Linux, Git | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk. | |||||
| CVE-2017-15218 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c. | |||||
| CVE-2017-15033 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. | |||||
| CVE-2017-14493 | 5 Canonical, Debian, Opensuse and 2 more | 7 Ubuntu Linux, Debian Linux, Leap and 4 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. | |||||
| CVE-2017-17785 | 3 Canonical, Debian, Gimp | 3 Ubuntu Linux, Debian Linux, Gimp | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | |||||
| CVE-2017-15102 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2024-02-04 | 6.9 MEDIUM | 6.3 MEDIUM |
| The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference. | |||||
| CVE-2017-17681 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-04 | 7.1 HIGH | 6.5 MEDIUM |
| In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file. | |||||
| CVE-2015-5300 | 7 Canonical, Debian, Fedoraproject and 4 more | 20 Ubuntu Linux, Debian Linux, Fedora and 17 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart). | |||||
| CVE-2017-12693 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-04 | 7.1 HIGH | 6.5 MEDIUM |
| The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file. | |||||
| CVE-2017-18008 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c. | |||||
| CVE-2017-14632 | 3 Canonical, Debian, Xiph.org | 3 Ubuntu Linux, Debian Linux, Libvorbis | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. | |||||
| CVE-2017-6512 | 3 Canonical, Debian, File\ | 3 Ubuntu Linux, Debian Linux, \ | 2024-02-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic. | |||||
| CVE-2018-5357 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. | |||||