Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
There are 46 matching records.
Displaying matches 41 through 46.
Vuln ID Summary CVSS Severity

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."

Published: August 24, 2017; 10:29:00 AM -0400
V3.0: 7.5 HIGH
V2.0: 5.1 MEDIUM

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.

Published: July 25, 2017; 10:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 4.6 MEDIUM

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate.

Published: June 08, 2017; 12:29:00 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM

git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.

Published: June 01, 2017; 12:29:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.5 MEDIUM

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.

Published: May 12, 2017; 3:29:00 AM -0400
V3.0: 4.6 MEDIUM
V2.0: 2.1 LOW

hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.

Published: May 09, 2016; 6:59:41 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM