Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-3600 |
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. Published: January 08, 2024; 2:15:08 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-3328 |
Race condition in snap-confine's must_mkdir_and_open_with_perms() Published: January 08, 2024; 1:15:45 PM -0500 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2022-2602 |
io_uring UAF, Unix SCM garbage collection Published: January 08, 2024; 1:15:45 PM -0500 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2022-2588 |
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. Published: January 08, 2024; 1:15:44 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-2586 |
It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. Published: January 08, 2024; 1:15:44 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-1523 |
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console. Published: September 01, 2023; 3:15:42 PM -0400 |
V3.1: 10.0 CRITICAL V2.0:(not available) |
CVE-2023-1786 |
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege. Published: April 26, 2023; 7:15:08 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-1184 |
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. Published: August 29, 2022; 11:15:10 AM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2020-15862 |
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. Published: August 19, 2020; 9:17:13 PM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2020-15103 |
In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto Published: July 27, 2020; 2:15:13 PM -0400 |
V3.1: 3.5 LOW V2.0: 3.5 LOW |
CVE-2020-4033 |
In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
CVE-2020-4032 |
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:13 PM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-4031 |
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0: 4.3 MEDIUM |
CVE-2020-4030 |
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
CVE-2020-11099 |
In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:12 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
CVE-2020-11098 |
In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:12 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 5.8 MEDIUM |
CVE-2020-11097 |
In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:12 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 5.5 MEDIUM |
CVE-2020-11096 |
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:12 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
CVE-2020-11095 |
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2. Published: June 22, 2020; 6:15:11 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 5.5 MEDIUM |
CVE-2020-13398 |
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c. Published: May 22, 2020; 2:15:11 PM -0400 |
V3.1: 8.3 HIGH V2.0: 6.5 MEDIUM |