Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Total 3077 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-7204 3 Canonical, Debian, Mageia 4 Ubuntu Linux, Debian Linux, Exuberant Ctags and 1 more 2016-08-30 5.0 MEDIUM N/A
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.
CVE-2014-7145 3 Canonical, Linux, Redhat 6 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 3 more 2016-08-24 7.8 HIGH N/A
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.
CVE-2012-5689 3 Canonical, Isc, Redhat 8 Ubuntu Linux, Bind, Enterprise Linux Desktop and 5 more 2016-08-19 7.1 HIGH N/A
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
CVE-2016-4558 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2016-08-02 6.9 MEDIUM 7.0 HIGH
The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count.
CVE-2015-8946 2 Canonical, Ecryptfs 2 Ubuntu Linux, Ecryptfs-utils 2016-07-27 2.1 LOW 3.3 LOW
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.
CVE-2014-3686 3 Canonical, Debian, W1.fi 4 Ubuntu Linux, Debian Linux, Hostapd and 1 more 2016-07-27 6.8 MEDIUM N/A
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
CVE-2016-5360 2 Canonical, Haproxy 2 Ubuntu Linux, Haproxy 2016-07-01 5.0 MEDIUM 7.5 HIGH
HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-1582 1 Canonical 2 Lxd, Ubuntu Linux 2016-06-10 2.1 LOW 5.5 MEDIUM
LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users to access arbitrary world readable paths in the container directory via unspecified vectors.
CVE-2016-1581 1 Canonical 2 Lxd, Ubuntu Linux 2016-06-10 2.1 LOW 5.5 MEDIUM
LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.
CVE-2013-2099 2 Canonical, Python 2 Ubuntu Linux, Python 2016-06-09 4.3 MEDIUM N/A
Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.
CVE-2015-1322 2 Canonical, Ubuntu 2 Ubuntu Linux, Network-manager 2016-05-26 4.6 MEDIUM N/A
Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or read arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts).
CVE-2016-1580 1 Canonical 2 Ubuntu-core-launcher, Ubuntu Linux 2016-05-19 10.0 HIGH 9.8 CRITICAL
The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."
CVE-2016-1578 2 Canonical, Oxide Project 2 Ubuntu Linux, Oxide 2016-05-19 7.5 HIGH 9.8 CRITICAL
Use-after-free vulnerability in Oxide allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to responding synchronously to permission requests.
CVE-2013-4473 2 Canonical, Freedesktop 2 Ubuntu Linux, Poppler 2016-05-18 7.5 HIGH N/A
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename.
CVE-2013-0339 4 Canonical, Debian, Suse and 1 more 4 Ubuntu Linux, Debian Linux, Linux Enterprise Server and 1 more 2016-05-05 6.8 MEDIUM N/A
libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because libxml2 already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed and each affected application would need its own CVE.
CVE-2015-3146 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2016-04-20 5.0 MEDIUM 7.5 HIGH
The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.
CVE-2015-5247 2 Canonical, Redhat 2 Ubuntu Linux, Libvirt 2016-04-18 4.0 MEDIUM 6.5 MEDIUM
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
CVE-2011-4600 2 Canonical, Redhat 2 Ubuntu Linux, Libvirt 2016-04-18 4.3 MEDIUM 5.9 MEDIUM
The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query.
CVE-2013-6422 3 Canonical, Debian, Haxx 3 Ubuntu Linux, Debian Linux, Libcurl 2016-04-07 4.0 MEDIUM N/A
The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.
CVE-2014-3925 2 Canonical, Redhat 3 Ubuntu Linux, Enterprise Linux, Sos 2016-04-06 5.0 MEDIUM N/A
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.