Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Canonical Subscribe
Total 4021 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15794 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2020-05-26 7.2 HIGH 6.7 MEDIUM
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2009-2474 4 Apple, Canonical, Fedoraproject and 1 more 4 Mac Os X, Ubuntu Linux, Fedora and 1 more 2020-05-22 5.8 MEDIUM N/A
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVE-2014-9585 7 Canonical, Debian, Fedoraproject and 4 more 19 Ubuntu Linux, Debian Linux, Fedora and 16 more 2020-05-21 2.1 LOW N/A
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.
CVE-2014-9529 6 Canonical, Debian, Fedoraproject and 3 more 11 Ubuntu Linux, Debian Linux, Fedora and 8 more 2020-05-21 6.9 MEDIUM N/A
Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.
CVE-2014-9644 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2020-05-21 2.1 LOW N/A
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-2013-7421.
CVE-2018-14349 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a NO response without a message.
CVE-2018-14350 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.
CVE-2018-14351 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size.
CVE-2018-14352 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.
CVE-2018-14353 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c has an integer underflow.
CVE-2018-14355 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name.
CVE-2018-14356 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.
CVE-2018-14358 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.
CVE-2018-14362 5 Canonical, Debian, Mutt and 2 more 10 Ubuntu Linux, Debian Linux, Mutt and 7 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.
CVE-2018-14359 4 Canonical, Debian, Mutt and 1 more 4 Ubuntu Linux, Debian Linux, Mutt and 1 more 2020-05-19 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.
CVE-2013-7421 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2020-05-19 2.1 LOW N/A
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.
CVE-2020-11931 2 Canonical, Pulseaudio 2 Ubuntu Linux, Pulseaudio 2020-05-19 2.1 LOW 3.3 LOW
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue affects: pulseaudio 1:8.0 versions prior to 1:8.0-0ubuntu3.12; 1:11.1 versions prior to 1:11.1-1ubuntu7.7; 1:13.0 versions prior to 1:13.0-1ubuntu1.2; 1:13.99.1 versions prior to 1:13.99.1-1ubuntu3.2;
CVE-2017-17833 5 Canonical, Debian, Lenovo and 2 more 61 Ubuntu Linux, Debian Linux, Bm Nextscale Fan Power Controller and 58 more 2020-05-14 7.5 HIGH 9.8 CRITICAL
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
CVE-2016-4441 3 Canonical, Debian, Qemu 3 Ubuntu Linux, Debian Linux, Qemu 2020-05-14 2.1 LOW 6.0 MEDIUM
The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command.
CVE-2016-4439 3 Canonical, Debian, Qemu 3 Ubuntu Linux, Debian Linux, Qemu 2020-05-14 4.6 MEDIUM 6.7 MEDIUM
The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors.