National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:canonical:ubuntu_linux:14.10
There are 225 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2014-9092

libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.

Published: October 10, 2017; 09:29:00 AM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-3643

usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method.

Published: September 27, 2017; 09:29:00 PM -04:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2015-1395

Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.

Published: August 25, 2017; 02:29:00 PM -04:00
V3: 7.5 HIGH
V2: 7.8 HIGH
CVE-2015-1325

Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges.

Published: August 25, 2017; 02:29:00 PM -04:00
V3: 7.0 HIGH
V2: 6.9 MEDIUM
CVE-2015-1324

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.

Published: August 25, 2017; 02:29:00 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2014-9637

GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.

Published: August 25, 2017; 02:29:00 PM -04:00
V3: 5.5 MEDIUM
V2: 7.1 HIGH
CVE-2015-1323

The simulate dbus method in aptdaemon before 1.1.1+bzr982-0ubuntu3.1 as packaged in Ubuntu 15.04, before 1.1.1+bzr980-0ubuntu1.1 as packaged in Ubuntu 14.10, before 1.1.1-1ubuntu5.2 as packaged in Ubuntu 14.04 LTS, before 0.43+bzr805-0ubuntu10 as packaged in Ubuntu 12.04 LTS allows local users to obtain sensitive information, or access files with root permissions.

Published: July 21, 2017; 10:29:00 AM -04:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

Published: November 27, 2016; 10:59:00 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2015-1779

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

Published: January 12, 2016; 02:59:00 PM -05:00
V3: 8.6 HIGH
V2: 7.8 HIGH
CVE-2015-4772

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

Published: July 16, 2015; 07:01:02 AM -04:00
V2: 4.0 MEDIUM
CVE-2015-4771

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.

Published: July 16, 2015; 07:01:02 AM -04:00
V2: 3.5 LOW
CVE-2015-4769

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767.

Published: July 16, 2015; 07:01:00 AM -04:00
V2: 3.5 LOW
CVE-2015-4767

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.

Published: July 16, 2015; 07:00:58 AM -04:00
V2: 1.7 LOW
CVE-2015-4761

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.

Published: July 16, 2015; 07:00:54 AM -04:00
V2: 3.5 LOW
CVE-2015-4757

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

Published: July 16, 2015; 07:00:51 AM -04:00
V2: 3.5 LOW
CVE-2015-4752

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.

Published: July 16, 2015; 07:00:46 AM -04:00
V2: 4.0 MEDIUM
CVE-2015-4737

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.

Published: July 16, 2015; 07:00:32 AM -04:00
V2: 3.5 LOW
CVE-2015-2661

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.

Published: July 16, 2015; 07:00:20 AM -04:00
V2: 2.1 LOW
CVE-2015-2648

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Published: July 16, 2015; 07:00:08 AM -04:00
V2: 4.0 MEDIUM
CVE-2015-2643

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

Published: July 16, 2015; 07:00:03 AM -04:00
V2: 4.0 MEDIUM