Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Total 4154 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-6811 2 Canonical, Kde 2 Ubuntu Linux, Ksirc 2024-02-08 4.3 MEDIUM 6.5 MEDIUM
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow.
CVE-2006-5779 2 Canonical, Openldap 2 Ubuntu Linux, Openldap 2024-02-08 5.0 MEDIUM 7.5 HIGH
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.
CVE-2017-15129 4 Canonical, Fedoraproject, Linux and 1 more 20 Ubuntu Linux, Fedora, Linux Kernel and 17 more 2024-02-08 4.9 MEDIUM 4.7 MEDIUM
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
CVE-2009-1386 3 Canonical, Openssl, Redhat 3 Ubuntu Linux, Openssl, Openssl 2024-02-07 5.0 MEDIUM N/A
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
CVE-2009-1378 2 Canonical, Openssl 2 Ubuntu Linux, Openssl 2024-02-07 5.0 MEDIUM N/A
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
CVE-2009-1387 3 Canonical, Openssl, Redhat 3 Ubuntu Linux, Openssl, Openssl 2024-02-07 5.0 MEDIUM N/A
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
CVE-2007-3409 3 Canonical, Debian, Net-dns 3 Ubuntu Linux, Debian Linux, Net\ 2024-02-03 4.3 MEDIUM 7.5 HIGH
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
CVE-2019-15118 5 Canonical, Debian, Linux and 2 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-02-03 4.9 MEDIUM 5.5 MEDIUM
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
CVE-2010-0050 4 Apple, Canonical, Fedoraproject and 1 more 5 Iphone Os, Safari, Ubuntu Linux and 2 more 2024-02-03 9.3 HIGH 8.8 HIGH
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
CVE-2010-0302 4 Apple, Canonical, Fedoraproject and 1 more 10 Cups, Mac Os X, Mac Os X Server and 7 more 2024-02-03 4.3 MEDIUM 7.5 HIGH
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.
CVE-2008-5021 7 Canonical, Debian, Fedoraproject and 4 more 13 Ubuntu Linux, Debian Linux, Fedora and 10 more 2024-02-02 9.3 HIGH N/A
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.
CVE-2010-0629 5 Canonical, Fedoraproject, Mit and 2 more 5 Ubuntu Linux, Fedora, Kerberos 5 and 2 more 2024-02-02 4.0 MEDIUM 6.5 MEDIUM
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.
CVE-2010-2941 7 Apple, Canonical, Debian and 4 more 13 Cups, Mac Os X, Mac Os X Server and 10 more 2024-02-02 9.3 HIGH 9.8 CRITICAL
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
CVE-2010-1772 5 Canonical, Fedoraproject, Google and 2 more 5 Ubuntu Linux, Fedora, Chrome and 2 more 2024-02-02 6.8 MEDIUM 8.8 HIGH
Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associated with geolocation upon deletion of a document.
CVE-2009-3553 5 Apple, Canonical, Debian and 2 more 7 Cups, Mac Os X, Mac Os X Server and 4 more 2024-02-02 5.0 MEDIUM 7.5 HIGH
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information.
CVE-2009-2416 11 Apple, Canonical, Debian and 8 more 19 Iphone Os, Mac Os X, Mac Os X Server and 16 more 2024-02-02 4.3 MEDIUM 6.5 MEDIUM
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
CVE-2012-1988 4 Canonical, Debian, Fedoraproject and 1 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-02-02 6.0 MEDIUM N/A
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.
CVE-2008-3281 7 Apple, Canonical, Debian and 4 more 11 Iphone Os, Safari, Ubuntu Linux and 8 more 2024-02-02 4.3 MEDIUM 6.5 MEDIUM
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
CVE-2009-1955 7 Apache, Apple, Canonical and 4 more 8 Apr-util, Http Server, Mac Os X and 5 more 2024-02-02 5.0 MEDIUM 7.5 HIGH
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
CVE-2007-1285 5 Canonical, Novell, Php and 2 more 7 Ubuntu Linux, Suse Linux, Php and 4 more 2024-02-02 5.0 MEDIUM 7.5 HIGH
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.