Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-15275 |
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. Published: November 27, 2017; 5:29:00 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-14746 |
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request. Published: November 27, 2017; 5:29:00 PM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-14176 |
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117. Published: November 27, 2017; 5:29:00 AM -0500 |
V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2017-8806 |
The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files. Published: November 13, 2017; 4:29:00 AM -0500 |
V3.1: 5.5 MEDIUM V2.0: 3.6 LOW |
CVE-2017-13088 |
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-13087 |
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-13086 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 6.8 MEDIUM V2.0: 5.4 MEDIUM |
CVE-2017-13084 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 6.8 MEDIUM V2.0: 5.4 MEDIUM |
CVE-2017-13082 |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 8.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2017-13081 |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-13080 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-13079 |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-13078 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. Published: October 17, 2017; 9:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 2.9 LOW |
CVE-2017-13077 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Published: October 16, 2017; 10:29:00 PM -0400 |
V3.0: 6.8 MEDIUM V2.0: 5.4 MEDIUM |
CVE-2017-14491 |
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Published: October 03, 2017; 9:29:02 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-14496 |
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Published: October 02, 2017; 9:29:02 PM -0400 |
V3.0: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2017-14495 |
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. Published: October 02, 2017; 9:29:02 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-14494 |
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Published: October 02, 2017; 9:29:02 PM -0400 |
V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-14493 |
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. Published: October 02, 2017; 9:29:02 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-14492 |
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Published: October 02, 2017; 9:29:02 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |