Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Filtered by product Ubuntu Linux
Total 4107 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-4405 1 Canonical 1 Ubuntu Linux 2023-12-10 7.5 HIGH N/A
The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.
CVE-2010-1187 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2023-12-10 4.9 MEDIUM N/A
The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.
CVE-2010-3442 6 Canonical, Debian, Fedoraproject and 3 more 9 Ubuntu Linux, Debian Linux, Fedora and 6 more 2023-12-10 4.7 MEDIUM N/A
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.
CVE-2011-0695 3 Canonical, Linux, Redhat 7 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 4 more 2023-12-10 5.7 MEDIUM N/A
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
CVE-2010-1205 10 Apple, Canonical, Debian and 7 more 17 Iphone Os, Itunes, Mac Os X and 14 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVE-2011-1017 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2023-12-10 7.2 HIGH N/A
Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table.
CVE-2010-3257 4 Apple, Canonical, Google and 1 more 5 Iphone Os, Safari, Ubuntu Linux and 2 more 2023-12-10 9.3 HIGH N/A
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus.
CVE-2010-2008 3 Canonical, Fedoraproject, Oracle 3 Ubuntu Linux, Fedora, Mysql 2023-12-10 3.5 LOW N/A
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
CVE-2010-2946 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2023-12-10 2.1 LOW N/A
fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the beginning of a name.
CVE-2010-3849 4 Canonical, Debian, Linux and 1 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2023-12-10 4.7 MEDIUM N/A
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field.
CVE-2010-2648 3 Canonical, Google, Opensuse 3 Ubuntu Linux, Chrome, Opensuse 2023-12-10 9.3 HIGH N/A
The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2010-3114 3 Canonical, Google, Webkitgtk 3 Ubuntu Linux, Chrome, Webkitgtk 2023-12-10 10.0 HIGH N/A
The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/.
CVE-2010-2942 6 Avaya, Canonical, Linux and 3 more 13 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 10 more 2023-12-10 2.1 LOW 5.5 MEDIUM
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.
CVE-2010-1812 3 Apple, Canonical, Webkitgtk 4 Iphone Os, Ipod Touch, Ubuntu Linux and 1 more 2023-12-10 6.8 MEDIUM N/A
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.
CVE-2010-3858 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2023-12-10 4.9 MEDIUM N/A
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
CVE-2010-2943 4 Avaya, Canonical, Linux and 1 more 10 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 7 more 2023-12-10 6.4 MEDIUM 8.1 HIGH
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
CVE-2010-0159 3 Canonical, Debian, Mozilla 5 Ubuntu Linux, Debian Linux, Firefox and 2 more 2023-12-10 10.0 HIGH N/A
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.
CVE-2010-1773 5 Canonical, Fedoraproject, Google and 2 more 5 Ubuntu Linux, Fedora, Chrome and 2 more 2023-12-10 6.8 MEDIUM 8.8 HIGH
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
CVE-2010-3451 3 Apache, Canonical, Debian 3 Openoffice, Ubuntu Linux, Debian Linux 2023-12-10 9.3 HIGH N/A
Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document.
CVE-2010-2226 4 Canonical, Debian, Linux and 1 more 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more 2023-12-10 2.1 LOW N/A
The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.