This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2005-05-13
Product Ubuntu Linux Last view 2020-05-19
Version 10.04 Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* 1642
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* 1350
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* 868
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* 631
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:* 465
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:* 322
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:* 304
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* 231
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:* 216
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* 197
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* 131
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:* 125
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:* 111
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:* 104
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:* 86
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* 85
cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:* 66
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:* 63
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* 63
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:* 59
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:* 55
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* 51
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* 50
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* 41
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:* 37
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:* 34
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:* 32
cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:* 31
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:* 30
cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:* 30
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:* 24
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:* 24
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:* 22
cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:* 21
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* 12
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:lts:*:*:*:*:* 10
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:lts:*:*:*:*:* 9
cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:* 9
cpe:2.3:o:canonical:ubuntu_linux:15.1:*:*:*:*:*:*:* 7
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:* 5
cpe:2.3:o:canonical:ubuntu_linux:12.04:lts:*:*:*:*:*:* 4
cpe:2.3:o:canonical:ubuntu_linux:11.10:-:lts:*:*:*:*:* 4
cpe:2.3:o:canonical:ubuntu_linux:6.06:-:lts:*:*:*:*:* 4
cpe:2.3:o:canonical:ubuntu_linux:16.04.4:*:*:*:lts:*:*:* 4
cpe:2.3:o:canonical:ubuntu_linux:16.04.4:*:*:*:*:*:*:* 4
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:*:*:*:* 4
cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:* 3
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:esm:*:*:*:*:* 3
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:lts:*:*:* 2
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:* 1

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.4 2020-05-19 CVE-2020-10724

A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read.

6.7 2020-05-19 CVE-2020-10723

A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.

6.7 2020-05-19 CVE-2020-10722

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

3.3 2020-05-15 CVE-2020-11931

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue affects: pulseaudio 1:8.0 versions prior to 1:8.0-0ubuntu3.12; 1:11.1 versions prior to 1:11.1-1ubuntu7.7; 1:13.0 versions prior to 1:13.0-1ubuntu1.2; 1:13.99.1 versions prior to 1:13.99.1-1ubuntu3.2;

6.7 2020-05-09 CVE-2019-20795

iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.

7 2020-04-29 CVE-2020-11884

In the Linux kernel through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.

3.3 2020-04-28 CVE-2019-15790

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit this to read information about a privileged running process by exploiting PID recycling. This information could then be used to obtain ASLR offsets for a process with an existing memory corruption vulnerability. The initial fix introduced regressions in the Python Apport library due to a missing argument in Report.add_proc_environ in apport/report.py. It also caused an autopkgtest failure when reading /proc/pid and with Python 2 compatibility by reading /proc maps. The initial and subsequent regression fixes are in 2.20.11-0ubuntu16, 2.20.11-0ubuntu8.6, 2.20.9-0ubuntu7.12, 2.20.1-0ubuntu2.22 and 2.14.1-0ubuntu3.29+esm3.

7.8 2020-04-24 CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.

8.8 2020-04-24 CVE-2019-15793

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated into the s_user_ns for the lower filesystem. This resulted in using ids other than the intended ones in the lower fs, which likely did not map into the shifts s_user_ns. A local attacker could use this to possibly bypass discretionary access control permissions.

7.8 2020-04-24 CVE-2019-15792

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file->private_data, a void* that points to a filesystem-dependent type, to a "struct shiftfs_file_info *". As the private_data is not required to be a pointer, an attacker can use this to cause a denial of service or possibly execute arbitrary code.

7.8 2020-04-24 CVE-2019-15791

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, which then puts a reference to that file, leading to a refcount underflow.

4.7 2020-04-22 CVE-2020-8833

Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls when the Apport cron script clears out crash files of size 0. A symlink with the same name as the deleted file can then be created upon which chown will be called, changing the file owner to root. Fixed in versions 2.20.1-0ubuntu2.23, 2.20.9-0ubuntu7.14, 2.20.11-0ubuntu8.8 and 2.20.11-0ubuntu22.

5.5 2020-04-22 CVE-2020-8831

Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise it will simply continue execution using the existing directory. This allows for a symlink attack if an attacker were to create a symlink at /var/lock/apport, changing apport's lock file location. This file could then be used to escalate privileges, for example. Fixed in versions 2.20.1-0ubuntu2.23, 2.20.9-0ubuntu7.14, 2.20.11-0ubuntu8.8 and 2.20.11-0ubuntu22.

7.8 2020-04-21 CVE-2020-11958

re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme.

7.5 2020-04-21 CVE-2020-11008

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a "blank" pattern to helpers, missing hostname and protocol fields. Many helpers will interpret this as matching _any_ URL, and will return some unspecified stored password, leaking the password to an attacker's server. The vulnerability can be triggered by feeding a malicious URL to `git clone`. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The root of the problem is in Git itself, which should not be feeding blank input to helpers. However, the ability to exploit the vulnerability in practice depends on which helpers are in use. Credential helpers which are known to trigger the vulnerability: - Git's "store" helper - Git's "cache" helper - the "osxkeychain" helper that ships in Git's "contrib" directory Credential helpers which are known to be safe even with vulnerable versions of Git: - Git Credential Manager for Windows Any helper not in this list should be assumed to trigger the vulnerability.

7.5 2020-04-17 CVE-2019-7306

Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu

5.5 2020-04-10 CVE-2020-8832

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

4.3 2020-04-07 CVE-2020-11609

An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.

4.3 2020-04-07 CVE-2020-11608

An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.

7.4 2020-04-03 CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.

7.8 2020-04-02 CVE-2020-8835

In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)

7.1 2020-03-12 CVE-2020-0556

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access

8.8 2020-02-20 CVE-2020-9308

archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact.

5.5 2020-02-20 CVE-2011-4915

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

5.5 2020-02-20 CVE-2011-2498

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
19% (383) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (189) CWE-20 Improper Input Validation
7% (144) CWE-125 Out-of-bounds Read
6% (130) CWE-200 Information Exposure
5% (103) CWE-264 Permissions, Privileges, and Access Controls
5% (102) CWE-476 NULL Pointer Dereference
4% (86) CWE-416 Use After Free
3% (70) CWE-399 Resource Management Errors
3% (65) CWE-190 Integer Overflow or Wraparound
2% (58) CWE-787 Out-of-bounds Write
2% (57) CWE-284 Access Control (Authorization) Issues
2% (56) CWE-189 Numeric Errors
2% (50) CWE-772 Missing Release of Resource after Effective Lifetime
2% (49) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (27) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (26) CWE-362 Race Condition
1% (24) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (22) CWE-254 Security Features
1% (22) CWE-59 Improper Link Resolution Before File Access ('Link Following')
1% (21) CWE-310 Cryptographic Issues
1% (20) CWE-287 Improper Authentication
0% (19) CWE-17 Code
0% (15) CWE-269 Improper Privilege Management
0% (12) CWE-704 Incorrect Type Conversion or Cast
0% (12) CWE-415 Double Free

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-26 Leveraging Race Conditions
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-172 Time and State Attacks

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:9797 zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows...
oval:org.mitre.oval:def:1107 gzip zgrep Sanitation Vulnerability
oval:org.mitre.oval:def:1081 gzip Argument Sanitation Vulnerability
oval:org.mitre.oval:def:11031 The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local...
oval:org.mitre.oval:def:1649 Mozilla Privilege Escalation through Print Preview
oval:org.mitre.oval:def:10364 Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0...
oval:org.mitre.oval:def:1698 Mozilla Privilege Escalation Using crypto.generateCRMFRequest
oval:org.mitre.oval:def:10508 Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0...
oval:org.mitre.oval:def:1929 Mozilla File Stealing by Changing Input Type
oval:org.mitre.oval:def:10922 Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite befo...
oval:org.mitre.oval:def:9167 Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1...
oval:org.mitre.oval:def:1855 Mozilla Cross-site JavaScript Injection Using Event Handlers
oval:org.mitre.oval:def:10666 Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC97...
oval:org.mitre.oval:def:4356 Security Vulnerabilities in OpenSSL May Lead to a Denial of Service (DoS) to ...
oval:org.mitre.oval:def:10207 The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 befor...
oval:org.mitre.oval:def:10612 Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6...
oval:org.mitre.oval:def:9746 Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before...
oval:org.mitre.oval:def:10895 Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before ...
oval:org.mitre.oval:def:11077 Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey befor...
oval:org.mitre.oval:def:11185 The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 b...
oval:org.mitre.oval:def:11092 The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, whe...
oval:org.mitre.oval:def:11331 The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0...
oval:org.mitre.oval:def:10174 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security ...
oval:org.mitre.oval:def:9151 The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0....
oval:org.mitre.oval:def:9884 browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, a...

SAINT Exploits

Description Link
Exim SMTP listener base64d function one-character buffer overflow More info here
Ubuntu overlayfs privilege elevation More info here
libssh authentication bypass More info here
MySQL yaSSL SSL Hello message buffer overflow More info here
Linux Dirty COW Local File Overwrite More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78232 libvirt bridge Forward Mode Firewall Port Access Restriction Weakness
77832 Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint...
77642 Update Manager Tar File Handling MitM Remote Arbitrary File Overwrite
77641 Update Manager Insecure Temporary File Creation Local .XAUTHORITY File Discl...
77584 ISC DHCP Regular Expressions dhcpd.conf DHCP Request Packet Parsing Remote DoS
77451 apt Verify-Host Option SSL Certificate Validation MitM Remote Repository Cred...
77430 Ubuntu Software Center SSL Certificate Verification MitM Package Installation...
77214 system-config-printer cupshelper OpenPrinting Database Query MitM Package Ins...
77176 LightDM ~/.dmrc File Handling Local Symlink Arbitrary File Access
76940 icedtea-web Web Browser Plugin Applet Handling Same Origin Policy Bypass
75622 Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74675 Linux Kernel OOM Score Calculation PTE Page Handling DoS
74630 tex-common conf/texmf.d/95NonPath.cnf shell_escape_commands Directive Crafted...
74557 ISC DHCP Crafted BOOTP Packet Remote DoS
74556 ISC DHCP Crafted DHCP Packet Remote DoS
74335 Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74180 KDE kdeutils Ark Traversal Arbitrary File Deletion
73259 Eucalyptus SOAP Request Signed Element MiTM Arbitrary Command Execution
72542 Aptdaemon worker.py org.debian.apt.UpdateCachePartially Method sources_list A...
71961 Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ...
71951 Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes...
71493 ISC DHCP dhclient Response Handling Metacharacter Shell Command Execution
70715 OpenOffice.org (OOo) oowriter WW8DopTypography::ReadFromMem Function Crafted ...
70712 OpenOffice.org (OOo) oowriter RTF Document Malformed Table Use-after-free Ove...
70711 OpenOffice.org (OOo) Multiple File Type Traversal Arbitrary File Overwrite

ExploitDB Exploits

id Description
35359 tcpdump 4.6.2 Geonet Decoder Denial of Service
28726 OpenSSL SSLv2 Null Pointer Dereference Client Denial of Service Vulnerability
28338 Vino VNC Server 3.7.3 - Persistent Denial of Service
27778 Samba nttrans Reply - Integer Overflow Vulnerability
24487 cURL Buffer Overflow Vulnerability
18040 Xorg 1.4 to 1.11.2 File Permission Change PoC
14339 Ubuntu PAM MOTD Local Root Exploit
14273 Ubuntu PAM MOTD File Tampering (Privilege Escalation)
10579 TLS Renegotiation Vulnerability PoC Exploit
9575 Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit
9574 Linux Kernel < 2.6.19 udp_sendmsg Local Root Exploit (x86/x64)
9543 Linux Kernel < 2.6.31-rc7 AF_IRDA 29-Byte Stack Disclosure Exploit
9542 Linux Kernel 2.6 < 2.6.19 (32bit) ip_append_data() ring0 Root Exploit
4773 OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash Exploit

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-12-31 Name : Fedora Update for bind FEDORA-2012-19822
File : nvt/gb_fedora_2012_19822_bind_fc16.nasl
2012-12-27 Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi
File : nvt/gb_VMSA-2012-0018.nasl
2012-12-26 Name : Fedora Update for qt FEDORA-2012-19715
File : nvt/gb_fedora_2012_19715_qt_fc16.nasl
2012-12-18 Name : Ubuntu Update for glibc USN-1589-2
File : nvt/gb_ubuntu_USN_1589_2.nasl
2012-12-18 Name : Ubuntu Update for aptdaemon USN-1666-1
File : nvt/gb_ubuntu_USN_1666_1.nasl
2012-12-14 Name : Fedora Update for qt FEDORA-2012-19759
File : nvt/gb_fedora_2012_19759_qt_fc17.nasl
2012-12-14 Name : Fedora Update for bind FEDORA-2012-19830
File : nvt/gb_fedora_2012_19830_bind_fc17.nasl
2012-12-14 Name : Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)
File : nvt/gb_google_chrome_mult_vuln03_dec12_lin.nasl
2012-12-14 Name : Google Chrome Multiple Vulnerabilities-03 Dec2012 (Mac OS X)
File : nvt/gb_google_chrome_mult_vuln03_dec12_macosx.nasl
2012-12-14 Name : Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)
File : nvt/gb_google_chrome_mult_vuln03_dec12_win.nasl
2012-12-10 Name : CentOS Update for bind CESA-2012:1549 centos6
File : nvt/gb_CESA-2012_1549_bind_centos6.nasl
2012-12-10 Name : RedHat Update for bind RHSA-2012:1549-01
File : nvt/gb_RHSA-2012_1549-01_bind.nasl
2012-12-10 Name : Ubuntu Update for bind9 USN-1657-1
File : nvt/gb_ubuntu_USN_1657_1.nasl
2012-12-06 Name : Mandriva Update for bind MDVSA-2012:177 (bind)
File : nvt/gb_mandriva_MDVSA_2012_177.nasl
2012-11-26 Name : Fedora Update for insight FEDORA-2012-18300
File : nvt/gb_fedora_2012_18300_insight_fc16.nasl
2012-11-26 Name : Fedora Update for insight FEDORA-2012-18311
File : nvt/gb_fedora_2012_18311_insight_fc17.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-06 Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-10-23 Name : Fedora Update for dhcp FEDORA-2012-15965
File : nvt/gb_fedora_2012_15965_dhcp_fc17.nasl
2012-10-23 Name : Fedora Update for dhcp FEDORA-2012-15981
File : nvt/gb_fedora_2012_15981_dhcp_fc16.nasl
2012-10-19 Name : Fedora Update for libvirt FEDORA-2012-15640
File : nvt/gb_fedora_2012_15640_libvirt_fc16.nasl
2012-10-03 Name : Fedora Update for dhcp FEDORA-2012-14076
File : nvt/gb_fedora_2012_14076_dhcp_fc16.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0222 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0061471
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-A-0174 Multiple Vulnerabilities in Apache HTTP Server
Severity: Category I - VMSKEY: V0061135
2015-A-0160 Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity: Category I - VMSKEY: V0061123
2015-A-0158 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0061089
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2015-A-0141 Multiple Security Vulnerabilities in IBM WebSphere Application Server
Severity: Category I - VMSKEY: V0061061
2015-B-0087 Multiple Vulnerabilities in IBM WebSphere Portal
Severity: Category I - VMSKEY: V0061053
2015-B-0068 Multiple Vulnerabilities in PostgreSQL
Severity: Category I - VMSKEY: V0060809
2015-A-0042 Samba Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0058919
2015-A-0038 Multiple Vulnerabilities in GNU C Library (glibc)
Severity: Category I - VMSKEY: V0058753
2015-B-0013 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0058515
2015-B-0014 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0058513
2015-B-0007 Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa...
Severity: Category I - VMSKEY: V0058213
2014-B-0161 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0057717
2014-B-0105 Samba Remote Code Execution
Severity: Category I - VMSKEY: V0053637
2014-A-0062 Multiple Vulnerabilities In McAfee Email Gateway
Severity: Category I - VMSKEY: V0050005
2014-A-0064 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0050011
2014-A-0056 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0049583
2014-A-0030 Apple Mac OS X Security Update 2014-001
Severity: Category I - VMSKEY: V0044547
2014-B-0021 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0044541
2014-A-0021 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0043921
2014-A-0011 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0043399
2014-A-0009 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0043395
2013-A-0233 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0042596

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 IPv6 packets encapsulated in IPv4
RuleID : 8446 - Type : POLICY-OTHER - Revision : 8
2020-03-17 Apple Safari Webkit WebCore memory corruption attempt
RuleID : 53101 - Type : BROWSER-WEBKIT - Revision : 1
2020-03-17 Apple Safari Webkit WebCore memory corruption attempt
RuleID : 53100 - Type : BROWSER-WEBKIT - Revision : 1
2020-02-04 dnsmasq crafted OPT record denial of service attempt
RuleID : 52524 - Type : PROTOCOL-DNS - Revision : 1
2020-01-16 Memcached lru mode NULL dereference attempt
RuleID : 52477 - Type : SERVER-OTHER - Revision : 1
2020-01-16 Memcached lru temp_ttl NULL dereference attempt
RuleID : 52476 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52397 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52396 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52395 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52394 - Type : SERVER-OTHER - Revision : 1
2020-01-07 LibVNCServer file transfer extension heap buffer overflow attempt
RuleID : 52393 - Type : SERVER-OTHER - Revision : 1
2020-01-07 yaSSL SSL Hello Message buffer overflow attempt
RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1
2020-01-03 ISC BIND deny-answer-aliases denial of service attempt
RuleID : 52344 - Type : SERVER-OTHER - Revision : 1
2020-01-03 ISC BIND deny-answer-aliases denial of service attempt
RuleID : 52343 - Type : SERVER-OTHER - Revision : 1
2020-01-03 Imagemagick XBM tranformation information leak attempt
RuleID : 52312 - Type : FILE-IMAGE - Revision : 1
2019-12-10 Libmspack cabd_sys_read_block off-by-one heap overflow attempt
RuleID : 52133 - Type : FILE-OTHER - Revision : 2
2019-12-10 Libmspack cabd_sys_read_block off-by-one heap overflow attempt
RuleID : 52132 - Type : FILE-OTHER - Revision : 2
2019-12-10 PHP FPM env_path_info buffer underflow attempt
RuleID : 52123 - Type : SERVER-WEBAPP - Revision : 1
2019-12-03 ZeroMQ libzmq stack-based buffer overflow attempt
RuleID : 52037 - Type : SERVER-OTHER - Revision : 1
2019-11-26 LibreOffice office document arbitrary script execution attempt
RuleID : 52000 - Type : FILE-OTHER - Revision : 1
2019-11-26 LibreOffice office document arbitrary script execution attempt
RuleID : 51999 - Type : FILE-OTHER - Revision : 1
2019-11-19 Ghostscript -dSAFER sandbox bypass attempt
RuleID : 51945 - Type : FILE-OTHER - Revision : 1
2019-10-23 PHP http fopen stack buffer overflow attempt
RuleID : 51578 - Type : SERVER-WEBAPP - Revision : 1
2019-10-08 Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51440 - Type : BROWSER-FIREFOX - Revision : 1
2019-10-08 Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51439 - Type : BROWSER-FIREFOX - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-18 Name: The remote Fedora host is missing a security update.
File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2019-0059.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2019-0049.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: A PHP application running on the remote web server is affected by multiple vu...
File: drupal_8_6_6.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-348547a32d.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-e6ca5847c7.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO
2019-01-15 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-337484d88b.nasl - Type: ACT_GATHER_INFO
2019-01-15 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-b0f7a7b74b.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2019-011-01.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2019-013-01.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Virtuozzo host is missing multiple security updates.
File: Virtuozzo_VZA-2016-104.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2019-1145.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2019-1146.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4367.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Fedora host is missing a security update.
File: fedora_2019-18b3a10c7f.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Fedora host is missing a security update.
File: fedora_2019-75a8da28f0.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-072.nasl - Type: ACT_GATHER_INFO