CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Canonical » Ubuntu Linux : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-4171 200 +Info 2015-06-10 2015-06-11
2.6
None Remote High Not required Partial None None
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
2 CVE-2015-3905 119 DoS Exec Code Overflow 2015-06-08 2015-06-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
3 CVE-2015-3451 2015-05-12 2015-05-14
5.0
None Remote Low Not required Partial None None
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML data to the (1) new or (2) load_xml function.
4 CVE-2015-3409 +Priv 2015-05-19 2015-06-25
7.2
None Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
5 CVE-2015-3408 77 Exec Code 2015-05-19 2015-05-20
10.0
None Remote Low Not required Complete Complete Complete
Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.
6 CVE-2015-3407 284 Bypass 2015-05-19 2015-05-20
5.0
None Remote Low Not required None Partial None
Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files.
7 CVE-2015-3165 DoS 2015-05-28 2015-06-30
4.3
None Remote Medium Not required None None Partial
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
8 CVE-2015-3153 200 +Info 2015-05-01 2015-05-11
5.0
None Remote Low Not required Partial None None
The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents.
9 CVE-2015-3148 284 2015-04-24 2015-05-11
5.0
None Remote Low Not required None Partial None
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
10 CVE-2015-3145 119 DoS Overflow 2015-04-24 2015-05-11
7.5
None Remote Low Not required Partial Partial Partial
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
11 CVE-2015-3144 119 DoS Overflow 2015-04-24 2015-05-11
7.5
None Remote Low Not required Partial Partial Partial
The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80."
12 CVE-2015-3143 264 2015-04-24 2015-05-11
5.0
None Remote Low Not required None Partial None
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
13 CVE-2015-2806 119 Overflow 2015-04-10 2015-05-05
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
14 CVE-2015-2775 22 Dir. Trav. 2015-04-13 2015-07-05
7.6
None Remote High Not required Complete Complete Complete
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
15 CVE-2015-2668 399 DoS 2015-05-12 2015-07-02
5.0
None Remote Low Not required None None Partial
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
16 CVE-2015-2316 399 DoS 2015-03-25 2015-05-11
5.0
None Remote Low Not required None None Partial
The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string.
17 CVE-2015-2301 DoS 2015-03-30 2015-05-21
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.
18 CVE-2015-2296 2015-03-18 2015-04-22
6.8
None Remote Medium Not required Partial Partial Partial
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.
19 CVE-2015-2265 77 Exec Code 2015-03-24 2015-04-13
7.5
None Remote Low Not required Partial Partial Partial
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
20 CVE-2015-2222 399 DoS 2015-05-12 2015-05-13
5.0
None Remote Low Not required None None Partial
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
21 CVE-2015-2221 399 DoS 2015-05-12 2015-05-13
5.0
None Remote Low Not required None None Partial
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
22 CVE-2015-2170 399 DoS 2015-05-12 2015-05-14
5.0
None Remote Low Not required None None Partial
The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
23 CVE-2015-1863 119 DoS Exec Code Overflow 2015-04-28 2015-06-17
5.8
None Local Network Low Not required Partial Partial Partial
Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.
24 CVE-2015-1803 DoS Exec Code 2015-03-20 2015-05-11
8.5
None Remote Medium Single system Complete Complete Complete
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.
25 CVE-2015-1774 119 DoS Exec Code Overflow 2015-04-28 2015-05-11
6.8
None Remote Medium Not required Partial Partial Partial
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
26 CVE-2015-1572 119 Exec Code Overflow 2015-02-24 2015-03-31
4.6
None Local Low Not required Partial Partial Partial
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.
27 CVE-2015-1346 DoS 2015-01-22 2015-03-09
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
28 CVE-2015-1330 287 2015-07-01 2015-07-02
6.8
None Remote Medium Not required Partial Partial Partial
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors.
29 CVE-2015-1322 22 Dir. Trav. 2015-04-29 2015-04-30
4.6
None Local Low Not required Partial Partial Partial
Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or ready arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts).
30 CVE-2015-1321 DoS Exec Code 2015-04-29 2015-04-30
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the file picker implementation in Oxide before 1.6.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted webpage.
31 CVE-2015-1317 DoS Exec Code 2015-04-08 2015-04-13
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by deleting all WebContents while a RenderProcessHost instance still exists.
32 CVE-2015-1315 119 Exec Code Overflow 2015-02-23 2015-02-24
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.
33 CVE-2015-1205 DoS 2015-01-22 2015-03-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
34 CVE-2015-0840 284 Bypass 2015-04-13 2015-04-14
4.3
None Remote Medium Not required None Partial None
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc).
35 CVE-2015-0831 DoS Exec Code Mem. Corr. 2015-02-25 2015-03-26
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
36 CVE-2015-0250 DoS 2015-03-24 2015-04-14
6.4
None Remote Low Not required Partial None Partial
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
37 CVE-2015-0247 119 Exec Code Overflow 2015-02-17 2015-03-31
4.6
None Local Low Not required Partial Partial Partial
Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.
38 CVE-2015-0240 17 Exec Code 2015-02-23 2015-05-11
10.0
None Remote Low Not required Complete Complete Complete
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
39 CVE-2015-0239 362 DoS +Priv 2015-03-02 2015-03-25
4.7
None Local High Not required None Partial Complete
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.
40 CVE-2015-0222 17 DoS 2015-01-16 2015-04-17
5.0
None Remote Low Not required None None Partial
ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.
41 CVE-2015-0221 399 DoS 2015-01-16 2015-04-17
5.0
None Remote Low Not required None None Partial
The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.
42 CVE-2015-0220 79 XSS 2015-01-16 2015-04-17
4.3
None Remote Medium Not required None Partial None
The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL, related to redirect URLs, as demonstrated by a "\njavascript:" URL.
43 CVE-2014-9683 189 DoS Overflow +Priv 2015-03-03 2015-03-26
3.6
None Local Low Not required None Partial Partial
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.
44 CVE-2014-9675 264 Bypass 2015-02-08 2015-04-02
5.0
None Remote Low Not required Partial None None
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
45 CVE-2014-9674 DoS Overflow 2015-02-08 2015-04-02
7.5
None Remote Low Not required Partial Partial Partial
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
46 CVE-2014-9673 119 DoS Overflow 2015-02-08 2015-04-02
6.8
None Remote Medium Not required Partial Partial Partial
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
47 CVE-2014-9671 DoS 2015-02-08 2015-04-02
4.3
None Remote Medium Not required None None Partial
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
48 CVE-2014-9669 189 DoS Overflow Mem. Corr. 2015-02-08 2015-04-02
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
49 CVE-2014-9668 119 DoS Overflow 2015-02-08 2015-04-02
7.5
None Remote Low Not required Partial Partial Partial
The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file.
50 CVE-2014-9666 189 DoS Overflow 2015-02-08 2015-04-02
6.8
None Remote Medium Not required Partial Partial Partial
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
Total number of vulnerabilities : 219   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.