Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Canonical Subscribe
Total 4021 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-6031 4 Canonical, Debian, Miniupnp Project and 1 more 5 Ubuntu Linux, Debian Linux, Miniupnpc and 2 more 2019-06-18 6.8 MEDIUM N/A
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
CVE-2019-9917 3 Canonical, Fedoraproject, Znc 3 Ubuntu Linux, Fedora, Znc 2019-06-14 4.0 MEDIUM 6.5 MEDIUM
ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.
CVE-2019-7524 4 Canonical, Debian, Dovecot and 1 more 4 Ubuntu Linux, Debian Linux, Dovecot and 1 more 2019-06-13 7.2 HIGH 7.8 HIGH
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.
CVE-2019-3814 3 Canonical, Dovecot, Opensuse 3 Ubuntu Linux, Dovecot, Leap 2019-06-13 4.9 MEDIUM 6.8 MEDIUM
It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
CVE-2015-1472 2 Canonical, Gnu 2 Ubuntu Linux, Glibc 2019-06-13 7.5 HIGH N/A
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
CVE-2014-9761 5 Canonical, Fedoraproject, Gnu and 2 more 9 Ubuntu Linux, Fedora, Glibc and 6 more 2019-06-13 7.5 HIGH 9.8 CRITICAL
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.
CVE-2016-10714 2 Canonical, Zsh 2 Ubuntu Linux, Zsh 2019-06-11 7.5 HIGH 9.8 CRITICAL
In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
CVE-2014-10071 2 Canonical, Zsh 2 Ubuntu Linux, Zsh 2019-06-11 7.5 HIGH 9.8 CRITICAL
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
CVE-2018-11469 2 Canonical, Haproxy 2 Ubuntu Linux, Haproxy 2019-06-11 4.3 MEDIUM 5.9 MEDIUM
Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.
CVE-2018-8789 3 Canonical, Debian, Freerdp 3 Ubuntu Linux, Debian Linux, Freerdp 2019-06-03 5.0 MEDIUM 7.5 HIGH
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).
CVE-2018-8788 3 Canonical, Debian, Freerdp 3 Ubuntu Linux, Debian Linux, Freerdp 2019-06-03 7.5 HIGH 9.8 CRITICAL
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
CVE-2019-9675 3 Canonical, Opensuse, Php 3 Ubuntu Linux, Leap, Php 2019-06-03 6.8 MEDIUM 8.1 HIGH
** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible."
CVE-2019-9637 5 Canonical, Debian, Netapp and 2 more 5 Ubuntu Linux, Debian Linux, Storage Automation Store and 2 more 2019-06-03 5.0 MEDIUM 7.5 HIGH
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
CVE-2018-1000135 2 Canonical, Gnome 2 Ubuntu Linux, Networkmanager 2019-06-03 5.0 MEDIUM 7.5 HIGH
GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have been fixed in Some Ubuntu 16.04 packages were fixed, but later updates removed the fix. cf. https://bugs.launchpad.net/ubuntu/+bug/1754671 an upstream fix does not appear to be available at this time.
CVE-2018-4233 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2019-06-02 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2015-1335 2 Canonical, Linuxcontainers 2 Ubuntu Linux, Lxc 2019-05-31 7.2 HIGH N/A
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
CVE-2018-6556 4 Canonical, Linuxcontainers, Opensuse and 1 more 6 Ubuntu Linux, Lxc, Leap and 3 more 2019-05-31 2.1 LOW 3.3 LOW
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.
CVE-2018-18954 3 Canonical, Opensuse, Qemu 3 Ubuntu Linux, Leap, Qemu 2019-05-31 2.1 LOW 5.5 MEDIUM
The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.
CVE-2018-18849 4 Canonical, Fedoraproject, Opensuse and 1 more 4 Ubuntu Linux, Fedora, Leap and 1 more 2019-05-31 2.1 LOW 5.5 MEDIUM
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
CVE-2019-3885 3 Canonical, Clusterlabs, Fedoraproject 3 Ubuntu Linux, Pacemaker, Fedora 2019-05-27 5.0 MEDIUM 7.5 HIGH
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.