Filtered by vendor Canonical
Subscribe
Total
4214 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1333 | 4 Apache, Canonical, Netapp and 1 more | 6 Http Server, Ubuntu Linux, Cloud Backup and 3 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33). | |||||
| CVE-2018-19489 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2023-11-07 | 1.9 LOW | 4.7 MEDIUM |
| v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. | |||||
| CVE-2018-19931 | 3 Canonical, Gnu, Netapp | 3 Ubuntu Linux, Binutils, Vasa Provider | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted. | |||||
| CVE-2018-1312 | 5 Apache, Canonical, Debian and 2 more | 14 Http Server, Ubuntu Linux, Debian Linux and 11 more | 2023-11-07 | 6.8 MEDIUM | 9.8 CRITICAL |
| In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection. | |||||
| CVE-2018-1123 | 3 Canonical, Debian, Procps-ng Project | 3 Ubuntu Linux, Debian Linux, Procps-ng | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service). | |||||
| CVE-2018-19210 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. | |||||
| CVE-2018-1283 | 5 Apache, Canonical, Debian and 2 more | 8 Http Server, Ubuntu Linux, Debian Linux and 5 more | 2023-11-07 | 3.5 LOW | 5.3 MEDIUM |
| In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. | |||||
| CVE-2018-18898 | 4 Bestpractical, Canonical, Debian and 1 more | 4 Request Tracker, Ubuntu Linux, Debian Linux and 1 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. | |||||
| CVE-2018-19477 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion. | |||||
| CVE-2018-1303 | 4 Apache, Canonical, Debian and 1 more | 7 Http Server, Ubuntu Linux, Debian Linux and 4 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability. | |||||
| CVE-2018-1083 | 4 Canonical, Debian, Redhat and 1 more | 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation. | |||||
| CVE-2018-18314 | 5 Canonical, Debian, Netapp and 2 more | 8 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 5 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||||
| CVE-2018-18311 | 8 Apple, Canonical, Debian and 5 more | 18 Mac Os X, Ubuntu Linux, Debian Linux and 15 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||||
| CVE-2018-19476 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. | |||||
| CVE-2018-19518 | 4 Canonical, Debian, Php and 1 more | 4 Ubuntu Linux, Debian Linux, Php and 1 more | 2023-11-07 | 8.5 HIGH | 7.5 HIGH |
| University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a user of a web application) and if rsh has been replaced by a program with different argument semantics. For example, if rsh is a link to ssh (as seen on Debian and Ubuntu systems), then the attack can use an IMAP server name containing a "-oProxyCommand" argument. | |||||
| CVE-2018-1060 | 5 Canonical, Debian, Fedoraproject and 2 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service. | |||||
| CVE-2018-18356 | 5 Canonical, Debian, Google and 2 more | 10 Ubuntu Linux, Debian Linux, Chrome and 7 more | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-19409 | 4 Artifex, Canonical, Debian and 1 more | 8 Ghostscript, Ubuntu Linux, Debian Linux and 5 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used. | |||||
| CVE-2018-18409 | 3 Canonical, Digitalcorpora, Fedoraproject | 3 Ubuntu Linux, Tcpflow, Fedora | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call. | |||||
| CVE-2018-1061 | 5 Canonical, Debian, Fedoraproject and 2 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. | |||||