Filtered by vendor Canonical
Subscribe
Total
4214 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9117 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2025-01-08 | 7.5 HIGH | 9.8 CRITICAL |
| In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release). | |||||
| CVE-2017-18017 | 9 Arista, Canonical, Debian and 6 more | 29 Eos, Ubuntu Linux, Debian Linux and 26 more | 2025-01-03 | 10.0 HIGH | 9.8 CRITICAL |
| The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. | |||||
| CVE-2024-0115 | 2 Canonical, Nvidia | 3 Ubuntu Linux, Cv-cuda, Jetpack Software Development Kit | 2024-12-26 | N/A | 6.1 MEDIUM |
| NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful exploit of this vulnerability may lead to denial of service and data loss. | |||||
| CVE-2024-5493 | 3 Canonical, Fedoraproject, Google | 3 Ubuntu Linux, Fedora, Chrome | 2024-12-26 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-6773 | 2 Canonical, Google | 2 Ubuntu Linux, Chrome | 2024-12-26 | N/A | 8.8 HIGH |
| Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-45866 | 6 Apple, Bluproducts, Canonical and 3 more | 16 Ipados, Iphone Os, Iphone Se and 13 more | 2024-12-12 | N/A | 6.3 MEDIUM |
| Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. | |||||
| CVE-2019-12749 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Dbus | 2024-12-06 | 3.6 LOW | 7.1 HIGH |
| dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. | |||||
| CVE-2020-10108 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-25 | 7.5 HIGH | 9.8 CRITICAL |
| In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request. | |||||
| CVE-2020-10109 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-25 | 7.5 HIGH | 9.8 CRITICAL |
| In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request. | |||||
| CVE-2019-12387 | 4 Canonical, Fedoraproject, Oracle and 1 more | 5 Ubuntu Linux, Fedora, Solaris and 2 more | 2024-11-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. | |||||
| CVE-2024-36388 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2024-11-21 | N/A | 9.8 CRITICAL |
| MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function | |||||
| CVE-2024-36391 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2024-11-21 | N/A | 7.4 HIGH |
| MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic | |||||
| CVE-2016-5118 | 7 Canonical, Debian, Graphicsmagick and 4 more | 14 Ubuntu Linux, Debian Linux, Graphicsmagick and 11 more | 2024-11-19 | 10.0 HIGH | 9.8 CRITICAL |
| The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | |||||
| CVE-2014-9854 | 4 Canonical, Imagemagick, Opensuse and 1 more | 7 Ubuntu Linux, Imagemagick, Leap and 4 more | 2024-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." | |||||
| CVE-2014-9848 | 4 Canonical, Imagemagick, Opensuse and 1 more | 10 Ubuntu Linux, Imagemagick, Leap and 7 more | 2024-11-04 | 5.0 MEDIUM | 7.5 HIGH |
| Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). | |||||
| CVE-2014-9853 | 6 Canonical, Imagemagick, Novell and 3 more | 11 Ubuntu Linux, Imagemagick, Leap and 8 more | 2024-11-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. | |||||
| CVE-2022-4968 | 1 Canonical | 1 Netplan | 2024-10-30 | N/A | 6.5 MEDIUM |
| netplan leaks the private key of wireguard to local users. Versions after 1.0 are not affected. | |||||
| CVE-2022-28654 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-10-27 | N/A | 5.5 MEDIUM |
| is_closing_session() allows users to fill up apport.log | |||||
| CVE-2022-28655 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-10-27 | N/A | 7.1 HIGH |
| is_closing_session() allows users to create arbitrary tcp dbus connections | |||||
| CVE-2022-28658 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-10-27 | N/A | 5.5 MEDIUM |
| Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing | |||||