Vulnerabilities (CVE)

Filtered by vendor Ubuntu Subscribe
Filtered by product Ubuntu
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-14461 3 Debian, Dovecot, Ubuntu 3 Debian Linux, Dovecot, Ubuntu 2024-11-21 5.5 MEDIUM 5.9 MEDIUM
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.
CVE-2015-5479 3 Libav, Opensuse, Ubuntu 3 Libav, Leap, Ubuntu 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.
CVE-2015-2150 3 Linux, Ubuntu, Xen 3 Linux Kernel, Ubuntu, Xen 2024-11-21 4.9 MEDIUM N/A
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
CVE-2013-2186 2 Redhat, Ubuntu 5 Jboss Enterprise Brms Platform, Jboss Enterprise Portal Platform, Jboss Enterprise Web Server and 2 more 2024-11-21 7.5 HIGH N/A
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.
CVE-2009-1296 1 Ubuntu 2 73-oubuntu, Ubuntu 2024-11-21 1.9 LOW N/A
The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root.
CVE-2009-1295 2 Apport, Ubuntu 2 Apport, Ubuntu 2024-11-21 1.9 LOW N/A
Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors.