Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-3581 |
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header. Published: October 10, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-4608 |
Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is *not* affected; media hype. Published: July 03, 2014; 12:22:15 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2014-0190 |
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image. Published: May 08, 2014; 10:29:13 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2013-5704 |
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." Published: April 15, 2014; 6:55:11 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-6424 |
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Published: January 18, 2014; 2:55:02 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-6410 |
nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partial match in the authfile configuration file. Published: December 07, 2013; 3:55:02 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-0211 |
Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. Published: September 30, 2013; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2012-3509 |
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. Published: September 05, 2012; 7:55:01 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |