Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu ubuntu 14.04 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-20124
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
Qemu Qemu
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
6.5
CVSSv3
CVE-2018-18497
Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: l...
Mozilla Firefox
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
9.8
CVSSv3
CVE-2018-18504
A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affect...
Mozilla Firefox
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
9.8
CVSSv3
CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 up to and including 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulli...
Haxx Curl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
6.5
CVSSv3
CVE-2018-6405
In the ReadDCMImage function in coders/dcm.c in ImageMagick prior to 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote malicious users to cause a denial of serv...
Imagemagick Imagemagick
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
2 Github repositories
7.5
CVSSv3
CVE-2018-5160
WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Mozilla Firefox
8.1
CVSSv3
CVE-2018-5163
If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this rep...
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Mozilla Firefox
6.1
CVSSv3
CVE-2018-5164
Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vu...
Mozilla Firefox
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
1 Github repository
4.3
CVSSv3
CVE-2018-5167
The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaS...
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
Mozilla Firefox
6.5
CVSSv3
CVE-2018-5169
If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox < 60.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Mozilla Firefox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »