Search Results
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
- CPE Name Search: true

Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-2265 | The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707. Published: March 24, 2015; 1:59:09 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-0250 | XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file. Published: March 24, 2015; 1:59:00 PM -0400 | V3.x: (not available) V2.0: 6.4 MEDIUM |
CVE-2015-1804 | The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file. Published: March 20, 2015; 10:59:03 AM -0400 | V3.x: (not available) V2.0: 8.5 HIGH |
CVE-2015-1803 | The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file. Published: March 20, 2015; 10:59:02 AM -0400 | V3.x: (not available) V2.0: 8.5 HIGH |
CVE-2015-1802 | The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file. Published: March 20, 2015; 10:59:00 AM -0400 | V3.x: (not available) V2.0: 8.5 HIGH |
CVE-2015-2296 | The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. Published: March 18, 2015; 12:59:03 PM -0400 | V3.x: (not available) V2.0: 6.8 MEDIUM |
CVE-2015-1421 | Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data. Published: March 16, 2015; 6:59:06 AM -0400 | V3.x: (not available) V2.0: 10.0 HIGH |
CVE-2015-2304 | Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive. Published: March 15, 2015; 3:59:00 PM -0400 | V3.x: (not available) V2.0: 6.4 MEDIUM |
CVE-2015-0254 | Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) `<x:parse>` or (2) `<x:transform>` JSTL XML tag. Published: March 09, 2015; 10:59:04 AM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-2238 | Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Published: March 08, 2015; 8:59:28 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-1231 | Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Published: March 08, 2015; 8:59:23 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-1230 | The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that adds an AudioContext event listener and triggers "type confusion." Published: March 08, 2015; 8:59:22 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-1229 | net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response. Published: March 08, 2015; 8:59:22 PM -0400 | V3.x: (not available) V2.0: 5.0 MEDIUM |
CVE-2015-1228 | The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted Cascading Style Sheets (CSS) token sequence. Published: March 08, 2015; 8:59:21 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-1220 | Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image. Published: March 08, 2015; 8:59:13 PM -0400 | V3.x: (not available) V2.0: 6.8 MEDIUM |
CVE-2015-1219 | Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted allocation of a large amount of memory during WebGL rendering. Published: March 08, 2015; 8:59:12 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-1218 | Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp. Published: March 08, 2015; 8:59:10 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-1217 | The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Published: March 08, 2015; 8:59:09 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-1216 | Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment. Published: March 08, 2015; 8:59:08 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2015-1215 | The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation. Published: March 08, 2015; 8:59:06 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |