Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical ubuntu linux 15.10 vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2016-0755
The ConnectionExists function in lib/url.c in libcurl prior to 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote malicious users to authenticate as other users via a request, a similar issue to CVE-2014-0015.
Haxx Curl
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
6.5
CVSSv3
CVE-2016-2073
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows malicious users to cause a denial of service (out-of-bounds read) via a crafted XML document.
Xmlsoft Libxml2
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
5
CVSSv3
CVE-2016-2391
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2016-2858
QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.
Qemu Qemu
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2015-8806
dict.c in libxml2 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
Xmlsoft Libxml2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2016-1576
The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Core 15.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
1 EDB exploit
7.8
CVSSv3
CVE-2016-1575
The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Linux Linux Kernel
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Core 15.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
1 EDB exploit
NA
CVE-2015-4002
drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel up to and including 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote malicious users to cause a denial of service (system crash or large loop) or possibly execu...
Linux Linux Kernel
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.2
6.5
CVSSv3
CVE-2013-7447
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ prior to 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote malicious users to cause a denial of service (crash) via a large ima...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Samsung X14j Firmware T-ms14jakucb-1102.5
7.3
CVSSv3
CVE-2015-8607
The canonpath function in the File::Spec module in PathTools prior to 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent malicious users to bypass the taint protection mechanism via a crafted string.
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Perl Pathtools
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »