This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2018-01-21
Product Ubuntu Linux Last view 2020-01-03
Version 18.04 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:canonical:ubuntu_linux

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2020-01-03 CVE-2020-5311

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.

7.5 2019-07-26 CVE-2019-13565

An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.

6.1 2018-08-03 CVE-2018-14574

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.

8.3 2018-04-18 CVE-2018-2826

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

7.5 2018-01-21 CVE-2016-10708

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CWE : Common Weakness Enumeration

%idName
25% (1) CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
25% (1) CWE-476 NULL Pointer Dereference
25% (1) CWE-287 Improper Authentication
25% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...

Nessus® Vulnerability Scanner

id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-0c85690ba7.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-6fa1017c1d.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1254.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0130.nasl - Type: ACT_GATHER_INFO
2018-08-06 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4264.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0039.nasl - Type: ACT_GATHER_INFO
2018-03-20 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1068.nasl - Type: ACT_GATHER_INFO
2018-03-20 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1069.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-2029.nasl - Type: ACT_GATHER_INFO