Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Filtered by product Ubuntu Linux
Total 4129 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1349 3 Apache, Canonical, Redhat 7 Mod Perl, Ubuntu Linux, Enterprise Linux Desktop and 4 more 2023-12-10 5.0 MEDIUM N/A
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
CVE-2008-1195 2 Canonical, Sun 4 Ubuntu Linux, Jdk, Jre and 1 more 2023-12-10 9.3 HIGH N/A
Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.
CVE-2007-0063 2 Canonical, Vmware 6 Ubuntu Linux, Ace, Esx and 3 more 2023-12-10 10.0 HIGH N/A
Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.
CVE-2006-4343 3 Canonical, Debian, Openssl 3 Ubuntu Linux, Debian Linux, Openssl 2023-12-10 4.3 MEDIUM N/A
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.
CVE-2007-2443 3 Canonical, Debian, Mit 3 Ubuntu Linux, Debian Linux, Kerberos 5 2023-12-10 8.3 HIGH N/A
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
CVE-2007-2728 2 Canonical, Php 2 Ubuntu Linux, Php 2023-12-10 5.0 MEDIUM N/A
The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727.
CVE-2007-0908 2 Canonical, Php 2 Ubuntu Linux, Php 2023-12-10 5.0 MEDIUM N/A
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable.
CVE-2007-4497 2 Canonical, Vmware 5 Ubuntu Linux, Ace, Player and 2 more 2023-12-10 5.5 MEDIUM N/A
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors.
CVE-2007-6206 6 Canonical, Debian, Linux and 3 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2023-12-10 2.1 LOW N/A
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
CVE-2006-4093 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2023-12-10 4.9 MEDIUM N/A
Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."
CVE-2004-1063 2 Canonical, Php 2 Ubuntu Linux, Php 2023-12-10 10.0 HIGH N/A
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
CVE-2006-1729 2 Canonical, Mozilla 4 Ubuntu Linux, Firefox, Mozilla Suite and 1 more 2023-12-10 4.3 MEDIUM N/A
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
CVE-2006-3918 4 Apache, Canonical, Debian and 1 more 5 Http Server, Ubuntu Linux, Debian Linux and 2 more 2023-12-10 4.3 MEDIUM N/A
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.
CVE-2004-1064 2 Canonical, Php 2 Ubuntu Linux, Php 2023-12-10 10.0 HIGH N/A
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
CVE-2005-2492 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Enterprise Linux 2023-12-10 3.6 LOW N/A
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.
CVE-2005-4808 2 Canonical, Gnu 2 Ubuntu Linux, Binutils 2023-12-10 7.6 HIGH N/A
Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.
CVE-2005-1260 4 Apple, Bzip, Canonical and 1 more 4 Mac Os X, Bzip2, Ubuntu Linux and 1 more 2023-12-10 5.0 MEDIUM N/A
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVE-2005-2970 4 Apache, Canonical, Fedoraproject and 1 more 6 Http Server, Ubuntu Linux, Fedora Core and 3 more 2023-12-10 5.0 MEDIUM N/A
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
CVE-2005-2700 3 Apache, Canonical, Debian 3 Http Server, Ubuntu Linux, Debian Linux 2023-12-10 10.0 HIGH N/A
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.
CVE-2005-0758 2 Canonical, Gnu 2 Ubuntu Linux, Gzip 2023-12-10 4.6 MEDIUM N/A
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.