Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Filtered by product Ubuntu Linux
Total 4150 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-6414 2 Canonical, Openstack 2 Ubuntu Linux, Neutron 2024-11-21 4.0 MEDIUM N/A
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
CVE-2014-6271 17 Apple, Arista, Canonical and 14 more 85 Mac Os X, Eos, Ubuntu Linux and 82 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CVE-2014-6054 3 Canonical, Debian, Libvncserver 3 Ubuntu Linux, Debian Linux, Libvncserver 2024-11-21 4.3 MEDIUM N/A
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.
CVE-2014-6053 3 Canonical, Debian, Libvncserver 3 Ubuntu Linux, Debian Linux, Libvncserver 2024-11-21 5.0 MEDIUM N/A
The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.
CVE-2014-6052 4 Canonical, Debian, Libvncserver and 1 more 4 Ubuntu Linux, Debian Linux, Libvncserver and 1 more 2024-11-21 7.5 HIGH N/A
The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.
CVE-2014-5461 5 Canonical, Debian, Lua and 2 more 5 Ubuntu Linux, Debian Linux, Lua and 2 more 2024-11-21 5.0 MEDIUM N/A
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
CVE-2014-5388 2 Canonical, Qemu 2 Ubuntu Linux, Qemu 2024-11-21 4.6 MEDIUM N/A
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption.
CVE-2014-5356 2 Canonical, Openstack 2 Ubuntu Linux, Image Registry And Delivery Service \(glance\) 2024-11-21 4.0 MEDIUM N/A
OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image.
CVE-2014-5353 7 Canonical, Debian, Fedoraproject and 4 more 12 Ubuntu Linux, Debian Linux, Fedora and 9 more 2024-11-21 3.5 LOW N/A
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.
CVE-2014-5253 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2024-11-21 4.9 MEDIUM N/A
OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is invalidated, which allows remote authenticated users to retain access via a domain-scoped token for that domain.
CVE-2014-5252 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2024-11-21 4.9 MEDIUM N/A
The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issued_at value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification (1) GET or (2) HEAD request to v3/auth/tokens/.
CVE-2014-5251 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2024-11-21 4.9 MEDIUM N/A
The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token.
CVE-2014-5207 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-11-21 6.2 MEDIUM N/A
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.
CVE-2014-5206 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-11-21 7.2 HIGH N/A
The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.
CVE-2014-5195 2 Ayatana Project, Canonical 2 Unity, Ubuntu Linux 2024-11-21 7.2 HIGH N/A
Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension.
CVE-2014-5077 4 Canonical, Linux, Redhat and 1 more 8 Ubuntu Linux, Linux Kernel, Enterprise Linux Eus and 5 more 2024-11-21 7.1 HIGH N/A
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.
CVE-2014-5033 3 Canonical, Debian, Kde 4 Ubuntu Linux, Kde4libs, Kauth and 1 more 2024-11-21 6.9 MEDIUM N/A
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."
CVE-2014-5031 2 Apple, Canonical 2 Cups, Ubuntu Linux 2024-11-21 5.0 MEDIUM N/A
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
CVE-2014-5030 2 Apple, Canonical 2 Cups, Ubuntu Linux 2024-11-21 1.9 LOW N/A
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
CVE-2014-5029 2 Apple, Canonical 2 Cups, Ubuntu Linux 2024-11-21 1.5 LOW N/A
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.