Total
4150 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-10675 | 3 Canonical, Linux, Redhat | 9 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 6 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. | |||||
CVE-2018-9918 | 2 Canonical, Qpdf Project | 2 Ubuntu Linux, Qpdf | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted. | |||||
CVE-2018-2812 | 3 Canonical, Netapp, Oracle | 7 Ubuntu Linux, Oncommand Insight, Oncommand Unified Manager and 4 more | 2024-02-28 | 5.5 MEDIUM | 5.5 MEDIUM |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). | |||||
CVE-2018-12015 | 6 Apple, Archive\, Canonical and 3 more | 9 Mac Os X, \, Ubuntu Linux and 6 more | 2024-02-28 | 6.4 MEDIUM | 7.5 HIGH |
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | |||||
CVE-2018-12233 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr. | |||||
CVE-2018-2796 | 6 Canonical, Debian, Hp and 3 more | 14 Ubuntu Linux, Debian Linux, Xp7 Command View and 11 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | |||||
CVE-2018-1124 | 6 Canonical, Debian, Opensuse and 3 more | 9 Ubuntu Linux, Debian Linux, Leap and 6 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users. | |||||
CVE-2018-5163 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-02-28 | 5.1 MEDIUM | 8.1 HIGH |
If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process' privileges, escaping the sandbox on content processes. This vulnerability affects Firefox < 60. | |||||
CVE-2017-7829 | 4 Canonical, Debian, Mozilla and 1 more | 8 Ubuntu Linux, Debian Linux, Thunderbird and 5 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2. | |||||
CVE-2018-6797 | 4 Canonical, Debian, Perl and 1 more | 5 Ubuntu Linux, Debian Linux, Perl and 2 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. | |||||
CVE-2018-1000007 | 5 Canonical, Debian, Fujitsu and 2 more | 20 Ubuntu Linux, Debian Linux, M10-1 and 17 more | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request. | |||||
CVE-2018-5101 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58. | |||||
CVE-2018-2798 | 6 Canonical, Debian, Hp and 3 more | 14 Ubuntu Linux, Debian Linux, Xp7 Command View and 11 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | |||||
CVE-2018-5107 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbitrary data cannot be read but it is possible that some local file information could be exposed. This vulnerability affects Firefox < 58. | |||||
CVE-2018-4222 | 3 Apple, Canonical, Microsoft | 8 Icloud, Iphone Os, Itunes and 5 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation. | |||||
CVE-2018-12929 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem. | |||||
CVE-2018-5098 | 4 Canonical, Debian, Mozilla and 1 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. | |||||
CVE-2018-5155 | 4 Canonical, Debian, Mozilla and 1 more | 12 Ubuntu Linux, Debian Linux, Firefox and 9 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. | |||||
CVE-2018-11655 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file. | |||||
CVE-2018-12265 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp. |