Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3709
The ZipArchive::getArchiveComment function in PHP 5.2.x up to and including 5.2.14 and 5.3.x up to and including 5.3.3 allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
1 EDB exploit
NA
CVE-2010-3870
The utf8_decode function in PHP prior to 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote malicious users to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a ...
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
1 EDB exploit
7
CVSSv3
CVE-2022-3328
Race condition in snap-confine's must_mkdir_and_open_with_perms()
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Snapd
1 Github repository
NA
CVE-2010-3436
fopen_wrappers.c in PHP 5.3.x up to and including 5.3.3 might allow remote malicious users to bypass open_basedir restrictions via vectors related to the length of a filename.
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
9.1
CVSSv3
CVE-2019-17544
libaspell.a in GNU Aspell prior to 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
Gnu Aspell
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
7.8
CVSSv3
CVE-2019-20079
The autocmd feature in window.c in Vim prior to 8.1.2136 accesses freed memory.
Vim Vim
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
4.7
CVSSv3
CVE-2020-16123
An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This c...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
7.8
CVSSv3
CVE-2019-11476
An integer overflow in whoopsie prior to 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie ...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
6.3
CVSSv3
CVE-2017-6590
An issue exists in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The explo...
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
3.8
CVSSv3
CVE-2020-16128
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions before 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »