U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
There are 269 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2015-2775

Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.

Published: April 13, 2015; 10:59:02 AM -0400
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2015-0840

The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc).

Published: April 13, 2015; 10:59:01 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-2806

Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.

Published: April 10, 2015; 11:00:05 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2015-1317

Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by deleting all WebContents while a RenderProcessHost instance still exists.

Published: April 08, 2015; 2:59:05 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1473

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.

Published: April 08, 2015; 6:59:03 AM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2015-1472

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.

Published: April 08, 2015; 6:59:02 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-0799

The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.

Published: April 08, 2015; 6:59:01 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-1465

The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets.

Published: April 05, 2015; 5:59:01 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2015-2756

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

Published: April 01, 2015; 10:59:08 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2015-0812

Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.

Published: April 01, 2015; 6:59:11 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-0811

The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.

Published: April 01, 2015; 6:59:10 AM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2015-0808

The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors.

Published: April 01, 2015; 6:59:09 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-0806

The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.

Published: April 01, 2015; 6:59:07 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-0805

The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors that trigger rendering of 2D graphics content.

Published: April 01, 2015; 6:59:06 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-0804

The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document containing a SOURCE element.

Published: April 01, 2015; 6:59:05 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-0803

The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document.

Published: April 01, 2015; 6:59:04 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-0802

Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.

Published: April 01, 2015; 6:59:03 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-2305

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.

Published: March 30, 2015; 6:59:11 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-2301

Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.

Published: March 30, 2015; 6:59:10 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-2317

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.

Published: March 25, 2015; 10:59:04 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM