Ubuntu Linux vulnerabilities and exploits

4.6
CVSSv2
CVE-2012-6711

A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo...

Gnu, Bash, Redhat, Enterprise Linux
4.3
CVSSv2
CVE-2018-10963

The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726....

Libtiff, Canonical, Ubuntu Linux, Debian, Debian Linux
6.4
CVSSv2
CVE-2019-3862

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client...

6.4
CVSSv2
CVE-2019-3861

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client...

6.4
CVSSv2
CVE-2019-3858

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory....

NA
CVE-2019-2762

Oracle Java SE/Java SE Embedded CVE-2019-2762 Remote Security Vulnerability...

NA
CVE-2019-2745

Oracle Java SE CVE-2019-2745 Local Security Vulnerability...

NA
CVE-2019-2786

Oracle Java SE/Java SE Embedded CVE-2019-2786 Remote Security Vulnerability...

NA
CVE-2019-2842

An unspecified vulnerability in Oracle Java SE related to the Java SE JCE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors....

NA
CVE-2019-2816

An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Networking component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact....