) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2013-6410 |
nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file. Published: December 07, 2013; 3:55:02 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2013-4474 |
Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename. Published: November 23, 2013; 6:55:04 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2013-4473 |
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename. Published: November 23, 2013; 6:55:04 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2013-0211 |
Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. Published: September 30, 2013; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2012-5689 |
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. Published: January 25, 2013; 7:00:46 AM -0500 |
V3.x:(not available) V2.0: 7.1 HIGH |
| CVE-2012-3509 |
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. Published: September 05, 2012; 7:55:01 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2012-3425 |
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. Published: August 13, 2012; 4:55:09 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2009-4135 |
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. Published: December 11, 2009; 11:30:00 AM -0500 |
V3.x:(not available) V2.0: 4.4 MEDIUM |