Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
There are 111 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2016-9950

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.

Published: December 16, 2016; 10:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

Published: December 16, 2016; 10:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-1328

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

Published: November 27, 2016; 10:59:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-4805

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.

Published: May 23, 2016; 6:59:13 AM -0400
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2016-0794

The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.

Published: February 18, 2016; 4:59:01 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-2661

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.

Published: July 16, 2015; 7:00:20 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2014-9402

The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.

Published: February 24, 2015; 10:59:02 AM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2015-0222

ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.

Published: January 16, 2015; 11:59:21 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-0221

The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.

Published: January 16, 2015; 11:59:20 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-0220

The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL, related to redirect URLs, as demonstrated by a "\njavascript:" URL.

Published: January 16, 2015; 11:59:19 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-9471

The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.

Published: January 16, 2015; 11:59:08 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-8080

The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.

Published: November 03, 2014; 11:55:07 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-0476

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

Published: October 25, 2014; 6:55:04 PM -0400
V3.x:(not available)
V2.0: 3.7 LOW
CVE-2014-3564

Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."

Published: October 20, 2014; 1:55:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-3686

wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.

Published: October 15, 2014; 8:55:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-3633

The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.

Published: October 06, 2014; 10:55:10 AM -0400
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2014-3618

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."

Published: September 08, 2014; 10:55:02 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-5033

KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."

Published: August 19, 2014; 2:55:03 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2014-3528

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm.

Published: August 19, 2014; 2:55:02 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2014-3522

The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

Published: August 19, 2014; 2:55:02 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM