Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2017-14177
Apport up to and including 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vul...
Apport Project Apport
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 14.04
7.2
CVSSv2
CVE-2017-14180
Apport 2.13 up to and including 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, ...
Apport Project Apport
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 14.04
4.6
CVSSv2
CVE-2015-1342
LXCFS prior to 0.12 does not properly enforce directory escapes, which might allow local users to gain privileges by (1) querying or (2) updating a cgroup.
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 15.10
Canonical Lxcfs
7.2
CVSSv2
CVE-2015-1344
The do_write_pids function in lxcfs.c in LXCFS prior to 0.12 does not properly check permissions, which allows local users to gain privileges by writing a pid to the tasks file.
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Lxcfs
4.4
CVSSv2
CVE-2020-27348
In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions before 4....
Canonical Snapcraft
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
2.1
CVSSv2
CVE-2016-1581
LXD prior to 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 16.04
Canonical Lxd
5
CVSSv2
CVE-2020-13114
An issue exists in libexif prior to 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
Libexif Project Libexif
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
4.4
CVSSv2
CVE-2018-8885
screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._chec...
Canonical Screen-resolution-extra 0.17.2
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
5.1
CVSSv2
CVE-2019-18197
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitial...
Xmlsoft Libxslt 1.1.33
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
1 Github repository
7.2
CVSSv2
CVE-2010-3084
Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel prior to 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.
Linux Linux Kernel 2.6.36
Linux Linux Kernel
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »