Filtered by vendor Canonical
Subscribe
Total
4187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5747 | 2 Busybox, Canonical | 2 Busybox, Ubuntu Linux | 2022-10-29 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679. | |||||
| CVE-2015-9261 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2022-10-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. | |||||
| CVE-2014-2270 | 5 Canonical, Debian, File Project and 2 more | 5 Ubuntu Linux, Debian Linux, File and 2 more | 2022-10-28 | 4.3 MEDIUM | N/A |
| softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. | |||||
| CVE-2017-16544 | 5 Busybox, Canonical, Debian and 2 more | 8 Busybox, Ubuntu Linux, Debian Linux and 5 more | 2022-10-28 | 6.5 MEDIUM | 8.8 HIGH |
| In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. | |||||
| CVE-2020-2922 | 4 Canonical, Mariadb, Netapp and 1 more | 7 Ubuntu Linux, Mariadb, Active Iq Unified Manager and 4 more | 2022-10-28 | 4.3 MEDIUM | 3.7 LOW |
| Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2015-4802 | 7 Canonical, Debian, Fedoraproject and 4 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2022-10-27 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792. | |||||
| CVE-2014-0393 | 5 Canonical, Debian, Mariadb and 2 more | 10 Ubuntu Linux, Debian Linux, Mariadb and 7 more | 2022-10-27 | 3.3 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB. | |||||
| CVE-2019-14433 | 4 Canonical, Debian, Openstack and 1 more | 4 Ubuntu Linux, Debian Linux, Nova and 1 more | 2022-10-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data. | |||||
| CVE-2012-3167 | 5 Canonical, Debian, Mariadb and 2 more | 8 Ubuntu Linux, Debian Linux, Mariadb and 5 more | 2022-10-27 | 3.5 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search. | |||||
| CVE-2021-3709 | 1 Canonical | 2 Apport, Ubuntu Linux | 2022-10-27 | 2.1 LOW | 5.5 MEDIUM |
| Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3; | |||||
| CVE-2021-3626 | 2 Canonical, Microsoft | 2 Multipass, Windows | 2022-10-27 | 4.6 MEDIUM | 8.8 HIGH |
| The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation. | |||||
| CVE-2020-24394 | 5 Canonical, Linux, Opensuse and 2 more | 5 Ubuntu Linux, Linux Kernel, Leap and 2 more | 2022-10-25 | 3.6 LOW | 7.1 HIGH |
| In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. | |||||
| CVE-2018-18584 | 7 Cabextract Project, Canonical, Debian and 4 more | 7 Cabextract, Ubuntu Linux, Debian Linux and 4 more | 2022-10-25 | 4.3 MEDIUM | 6.5 MEDIUM |
| In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. | |||||
| CVE-2018-18585 | 6 Canonical, Debian, Kyzer and 3 more | 8 Ubuntu Linux, Debian Linux, Libmspack and 5 more | 2022-10-25 | 4.3 MEDIUM | 4.3 MEDIUM |
| chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). | |||||
| CVE-2021-3747 | 2 Apple, Canonical | 2 Macos, Multipass | 2022-10-25 | 4.6 MEDIUM | 7.8 HIGH |
| The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the application directory with incorrect owner. | |||||
| CVE-2020-16122 | 2 Canonical, Packagekit Project | 2 Ubuntu Linux, Packagekit | 2022-10-21 | 2.1 LOW | 7.8 HIGH |
| PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages. | |||||
| CVE-2019-15961 | 4 Canonical, Cisco, Clamav and 1 more | 4 Ubuntu Linux, Email Security Appliance Firmware, Clamav and 1 more | 2022-10-19 | 7.1 HIGH | 6.5 MEDIUM |
| A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. | |||||
| CVE-2019-5477 | 3 Canonical, Debian, Nokogiri | 3 Ubuntu Linux, Debian Linux, Nokogiri | 2022-10-14 | 7.5 HIGH | 9.8 CRITICAL |
| A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being called with unsafe user input as the filename. This vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. Rexical is used by Nokogiri to generate lexical scanner code for parsing CSS queries. The underlying vulnerability was addressed in Rexical v1.0.7 and Nokogiri upgraded to this version of Rexical in Nokogiri v1.10.4. | |||||
| CVE-2020-2778 | 5 Canonical, Debian, Netapp and 2 more | 20 Ubuntu Linux, Debian Linux, 7-mode Transition Tool and 17 more | 2022-10-14 | 4.3 MEDIUM | 3.7 LOW |
| Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2020-0093 | 5 Canonical, Debian, Google and 2 more | 5 Ubuntu Linux, Debian Linux, Android and 2 more | 2022-10-14 | 1.9 LOW | 5.0 MEDIUM |
| In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132 | |||||