Summary
Detail | |||
---|---|---|---|
Vendor | Canonical | First view | 2016-03-09 |
Product | Ubuntu Linux | Last view | 2021-04-17 |
Version | 17.10 | Type | Os |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:canonical:ubuntu_linux |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.8 | 2021-04-17 | CVE-2021-3493 | The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges. |
7.8 | 2021-04-17 | CVE-2021-3492 | Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562. |
7.5 | 2019-01-16 | CVE-2018-5733 | A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0. |
7.5 | 2019-01-16 | CVE-2017-3144 | A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested. |
5.5 | 2019-01-11 | CVE-2018-4181 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. |
7.8 | 2019-01-11 | CVE-2018-4180 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. |
8.8 | 2018-12-07 | CVE-2018-5802 | An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. |
6.5 | 2018-12-07 | CVE-2018-5801 | An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. |
6.5 | 2018-12-07 | CVE-2018-5800 | An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. |
6.5 | 2018-12-07 | CVE-2017-16910 | An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition. |
8.8 | 2018-12-07 | CVE-2017-16909 | An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. |
9.8 | 2018-10-18 | CVE-2018-5188 | Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
9.8 | 2018-10-18 | CVE-2018-5187 | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61. |
9.8 | 2018-10-18 | CVE-2018-5186 | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61. |
9.8 | 2018-10-18 | CVE-2018-5156 | A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
4.3 | 2018-10-18 | CVE-2018-12374 | Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. |
6.5 | 2018-10-18 | CVE-2018-12373 | dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
6.5 | 2018-10-18 | CVE-2018-12372 | Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
8.8 | 2018-10-18 | CVE-2018-12370 | In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox < 61. |
9.8 | 2018-10-18 | CVE-2018-12369 | WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and Firefox < 61. |
4.3 | 2018-10-18 | CVE-2018-12367 | In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61. |
6.5 | 2018-10-18 | CVE-2018-12366 | An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
6.5 | 2018-10-18 | CVE-2018-12365 | A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
8.8 | 2018-10-18 | CVE-2018-12364 | NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
8.8 | 2018-10-18 | CVE-2018-12363 | A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
15% (63) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
10% (43) | CWE-125 | Out-of-bounds Read |
8% (34) | CWE-772 | Missing Release of Resource after Effective Lifetime |
7% (30) | CWE-787 | Out-of-bounds Write |
7% (29) | CWE-416 | Use After Free |
6% (26) | CWE-476 | NULL Pointer Dereference |
6% (26) | CWE-200 | Information Exposure |
6% (25) | CWE-20 | Improper Input Validation |
5% (23) | CWE-190 | Integer Overflow or Wraparound |
3% (12) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
2% (9) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
1% (7) | CWE-770 | Allocation of Resources Without Limits or Throttling |
1% (5) | CWE-346 | Origin Validation Error |
1% (5) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
1% (4) | CWE-362 | Race Condition |
1% (4) | CWE-203 | Information Exposure Through Discrepancy |
1% (4) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
0% (3) | CWE-415 | Double Free |
0% (2) | CWE-674 | Uncontrolled Recursion |
0% (2) | CWE-617 | Reachable Assertion |
0% (2) | CWE-369 | Divide By Zero |
0% (2) | CWE-352 | Cross-Site Request Forgery (CSRF) |
0% (2) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
0% (2) | CWE-326 | Inadequate Encryption Strength |
0% (2) | CWE-320 | Key Management Errors |
SAINT Exploits
Description | Link |
---|---|
Exim SMTP listener base64d function one-character buffer overflow | More info here |
Snort® IPS/IDS
Date | Description |
---|---|
2020-03-17 | Apple Safari Webkit WebCore memory corruption attempt RuleID : 53101 - Type : BROWSER-WEBKIT - Revision : 1 |
2020-03-17 | Apple Safari Webkit WebCore memory corruption attempt RuleID : 53100 - Type : BROWSER-WEBKIT - Revision : 1 |
2019-10-23 | PHP http fopen stack buffer overflow attempt RuleID : 51578 - Type : SERVER-WEBAPP - Revision : 1 |
2018-12-11 | CVE PHP infinite loop from use of stream filter and convert.iconv file upload... RuleID : 48354 - Type : SERVER-WEBAPP - Revision : 2 |
2018-11-10 | libvorbis VORBIS audio data out of bounds write attempt RuleID : 48106 - Type : FILE-MULTIMEDIA - Revision : 1 |
2018-11-10 | libvorbis VORBIS audio data out of bounds write attempt RuleID : 48105 - Type : FILE-MULTIMEDIA - Revision : 1 |
2018-10-09 | Memcached DDoS attempt RuleID : 47726 - Type : SERVER-OTHER - Revision : 1 |
2018-10-09 | Memcached DDoS attempt RuleID : 47725 - Type : SERVER-OTHER - Revision : 1 |
2018-10-09 | Memcached DDoS attempt RuleID : 47724 - Type : SERVER-OTHER - Revision : 1 |
2018-09-19 | ntpq decode array buffer overflow attempt RuleID : 47585 - Type : SERVER-OTHER - Revision : 4 |
2018-09-18 | LibreOffice WEBSERVICE arbitrary file disclosure attempt RuleID : 47566 - Type : FILE-OFFICE - Revision : 1 |
2018-09-18 | LibreOffice WEBSERVICE arbitrary file disclosure attempt RuleID : 47565 - Type : FILE-OFFICE - Revision : 1 |
2018-09-18 | EHLO user overflow attempt RuleID : 47541 - Type : SERVER-MAIL - Revision : 2 |
2018-07-26 | Apple WebKit memory corruption attempt RuleID : 47023 - Type : BROWSER-WEBKIT - Revision : 1 |
2018-07-26 | Apple WebKit memory corruption attempt RuleID : 47022 - Type : BROWSER-WEBKIT - Revision : 1 |
2018-07-10 | Microsoft Windows Interrupt Service Routine stack rollback attempt RuleID : 46910 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows Interrupt Service Routine stack rollback attempt RuleID : 46909 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows processor modification return to user-mode attempt RuleID : 46908 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows processor modification return to user-mode attempt RuleID : 46907 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows malicious CONTEXT structure creation attempt RuleID : 46906 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows malicious CONTEXT structure creation attempt RuleID : 46905 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows SYSTEM token stealing attempt RuleID : 46904 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows SYSTEM token stealing attempt RuleID : 46903 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46835 - Type : OS-WINDOWS - Revision : 1 |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46834 - Type : OS-WINDOWS - Revision : 1 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-18 | Name: The remote Fedora host is missing a security update. File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2019-011-01.nasl - Type: ACT_GATHER_INFO |
2019-01-14 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2019-013-01.nasl - Type: ACT_GATHER_INFO |
2019-01-11 | Name: The remote device is missing a vendor-supplied security patch. File: juniper_jsa10919.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1139.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2019-1142.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-08 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2019-1002.nasl - Type: ACT_GATHER_INFO |
2019-01-08 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2019-1009.nasl - Type: ACT_GATHER_INFO |
2019-01-08 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2019-1010.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-0132af2176.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-043bd3349e.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-04eded822e.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-118b9abf99.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-11b37d7a68.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-12b934e224.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1c9f6768cf.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1ce5098a2d.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1ea5beb4cf.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-237e9b550c.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2513b888a4.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2f696a3be3.nasl - Type: ACT_GATHER_INFO |