Filtered by vendor Canonical
Subscriptions
Total
4288 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5370 | 3 Canonical, Redhat, Samba | 7 Ubuntu Linux, Enterprise Linux, Rhel Aus and 4 more | 2025-04-12 | N/A |
| Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors. | ||||
| CVE-2016-5338 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-12 | 7.8 High |
| The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer. | ||||
| CVE-2013-6438 | 4 Apache, Canonical, Oracle and 1 more | 6 Http Server, Ubuntu Linux, Http Server and 3 more | 2025-04-12 | N/A |
| The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request. | ||||
| CVE-2014-8559 | 7 Canonical, Linux, Novell and 4 more | 14 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 11 more | 2025-04-12 | 5.5 Medium |
| The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. | ||||
| CVE-2014-0459 | 4 Canonical, Debian, Oracle and 1 more | 7 Ubuntu Linux, Debian Linux, Jdk and 4 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D. | ||||
| CVE-2016-5829 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2025-04-12 | 7.8 High |
| Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call. | ||||
| CVE-2016-3501 | 3 Canonical, Oracle, Redhat | 3 Ubuntu Linux, Mysql, Rhel Software Collections | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. | ||||
| CVE-2014-9323 | 4 Canonical, Debian, Firebirdsql and 1 more | 4 Ubuntu Linux, Debian Linux, Firebird and 1 more | 2025-04-12 | N/A |
| The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status. | ||||
| CVE-2014-6416 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2025-04-12 | N/A |
| Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. | ||||
| CVE-2015-2611 | 3 Canonical, Oracle, Redhat | 3 Ubuntu Linux, Mysql, Rhel Software Collections | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML. | ||||
| CVE-2014-6418 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2025-04-12 | N/A |
| net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. | ||||
| CVE-2014-5353 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2025-04-12 | N/A |
| The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. | ||||
| CVE-2015-1241 | 6 Canonical, Debian, Google and 3 more | 12 Ubuntu Linux, Debian Linux, Chrome and 9 more | 2025-04-12 | N/A |
| Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack. | ||||
| CVE-2014-2241 | 2 Canonical, Freetype | 2 Ubuntu Linux, Freetype | 2025-04-12 | N/A |
| The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file. | ||||
| CVE-2016-2117 | 4 Canonical, Linux, Oracle and 1 more | 5 Ubuntu Linux, Linux Kernel, Vm Server and 2 more | 2025-04-12 | N/A |
| The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data. | ||||
| CVE-2014-0458 | 4 Canonical, Debian, Oracle and 1 more | 8 Ubuntu Linux, Debian Linux, Jdk and 5 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423. | ||||
| CVE-2016-2858 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2025-04-12 | 6.5 Medium |
| QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption. | ||||
| CVE-2014-0474 | 3 Canonical, Djangoproject, Redhat | 3 Ubuntu Linux, Django, Openstack | 2025-04-12 | N/A |
| The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting." | ||||
| CVE-2014-0211 | 3 Canonical, Redhat, X | 3 Ubuntu Linux, Enterprise Linux, Libxfont | 2025-04-12 | N/A |
| Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. | ||||
| CVE-2014-9709 | 6 Canonical, Debian, Libgd and 3 more | 7 Ubuntu Linux, Debian Linux, Libgd and 4 more | 2025-04-12 | N/A |
| The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. | ||||