Filtered by vendor Canonical
Subscriptions
Total
4266 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9963 | 3 Canonical, Debian, Exim | 3 Ubuntu Linux, Debian Linux, Exim | 2025-04-20 | N/A |
| Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. | ||||
| CVE-2017-17681 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | N/A |
| In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file. | ||||
| CVE-2017-15016 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | N/A |
| ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c. | ||||
| CVE-2017-12836 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Cvs | 2025-04-20 | N/A |
| CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar." | ||||
| CVE-2017-14533 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | N/A |
| ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. | ||||
| CVE-2016-4323 | 3 Canonical, Debian, Pidgin | 3 Ubuntu Linux, Debian Linux, Pidgin | 2025-04-20 | N/A |
| A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability. | ||||
| CVE-2017-11591 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2025-04-20 | 7.5 High |
| There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | ||||
| CVE-2015-7529 | 3 Canonical, Redhat, Sos Project | 9 Ubuntu Linux, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-20 | 7.8 High |
| sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date. | ||||
| CVE-2016-3616 | 4 Canonical, Debian, Libjpeg-turbo and 1 more | 4 Ubuntu Linux, Debian Linux, Libjpeg-turbo and 1 more | 2025-04-20 | N/A |
| The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. | ||||
| CVE-2017-7612 | 3 Canonical, Debian, Elfutils Project | 3 Ubuntu Linux, Debian Linux, Elfutils | 2025-04-20 | N/A |
| The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | ||||
| CVE-2017-7184 | 3 Canonical, Linux, Redhat | 8 Ubuntu Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-20 | 7.8 High |
| The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. | ||||
| CVE-2017-8900 | 2 Canonical, Lightdm Project | 2 Ubuntu Linux, Lightdm | 2025-04-20 | N/A |
| LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session. | ||||
| CVE-2014-9845 | 5 Canonical, Imagemagick, Opensuse and 2 more | 11 Ubuntu Linux, Imagemagick, Leap and 8 more | 2025-04-20 | N/A |
| The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. | ||||
| CVE-2016-9388 | 3 Canonical, Jasper Project, Redhat | 3 Ubuntu Linux, Jasper, Enterprise Linux | 2025-04-20 | 5.5 Medium |
| The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | ||||
| CVE-2014-9842 | 4 Canonical, Imagemagick, Opensuse and 1 more | 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more | 2025-04-20 | N/A |
| Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | ||||
| CVE-2017-9936 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2025-04-20 | N/A |
| In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack. | ||||
| CVE-2017-9471 | 2 Canonical, Ytnef Project | 2 Ubuntu Linux, Ytnef | 2025-04-20 | N/A |
| In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | ||||
| CVE-2017-9403 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2025-04-20 | N/A |
| In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-9815 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2025-04-20 | N/A |
| In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file. | ||||
| CVE-2015-3643 | 2 Canonical, Usb-creator Project | 2 Ubuntu Linux, Usb-creator | 2025-04-20 | N/A |
| usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method. | ||||