Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Total 4203 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7645 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-11-21 7.8 HIGH 7.5 HIGH
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.
CVE-2017-7613 3 Canonical, Debian, Elfutils Project 3 Ubuntu Linux, Debian Linux, Elfutils 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
CVE-2017-7612 3 Canonical, Debian, Elfutils Project 3 Ubuntu Linux, Debian Linux, Elfutils 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7611 3 Canonical, Debian, Elfutils Project 3 Ubuntu Linux, Debian Linux, Elfutils 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7610 3 Canonical, Debian, Elfutils Project 3 Ubuntu Linux, Debian Linux, Elfutils 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7608 3 Canonical, Debian, Elfutils Project 3 Ubuntu Linux, Debian Linux, Elfutils 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7526 3 Canonical, Debian, Gnupg 3 Ubuntu Linux, Debian Linux, Libgcrypt 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.
CVE-2017-7518 4 Canonical, Debian, Linux and 1 more 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more 2024-11-21 4.6 MEDIUM 5.5 MEDIUM
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.
CVE-2017-7481 3 Canonical, Debian, Redhat 10 Ubuntu Linux, Debian Linux, Ansible Engine and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.
CVE-2017-7358 2 Canonical, Lightdm Project 2 Ubuntu Linux, Lightdm 2024-11-21 6.9 MEDIUM 7.3 HIGH
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
CVE-2017-7184 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-11-21 7.2 HIGH 7.8 HIGH
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.
CVE-2017-7165 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7161 2 Apple, Canonical 2 Safari, Ubuntu Linux 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code via special characters that trigger command injection.
CVE-2017-7160 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7153 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof user-interface information (about whether the entire content is derived from a valid TLS session) via a crafted web site that sends a 401 Unauthorized redirect.
CVE-2017-6964 2 Canonical, Debian 2 Ubuntu Linux, Debian Linux 2024-11-21 7.2 HIGH 7.8 HIGH
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS.
CVE-2017-6960 3 Apng2gif Project, Canonical, Debian 3 Apng2gif, Ubuntu Linux, Debian Linux 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable.
CVE-2017-6590 1 Canonical 1 Ubuntu Linux 2024-11-21 6.9 MEDIUM 6.3 MEDIUM
An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The exploitation requires physical access to the locked computer and the Wi-Fi must be turned on. An access point that lets you use a certificate to login is required as well, but it's easy to create one. Then, it's possible to open a nautilus window and browse directories. One also can open some applications such as Firefox, which is useful for downloading malicious binaries.
CVE-2017-6519 2 Avahi, Canonical 2 Avahi, Ubuntu Linux 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
CVE-2017-6512 3 Canonical, Debian, File\ 3 Ubuntu Linux, Debian Linux, \ 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.