Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2010-2946
fs/jfs/xattr.c in the Linux kernel prior to 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the beginning of a name.
Linux Linux Kernel
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
4.6
CVSSv2
CVE-2015-1322
Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) prior to 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 prior to 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS prior to 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or rea...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.1
Ubuntu Network-manager
5
CVSSv2
CVE-2008-2285
The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote malicious users to exploit CVE-2008-0166 by guessing a key that was not identified by this tool.
Ubuntu Linux 7.04
Ubuntu Linux 7.10
Ubuntu Linux 8.04
6.4
CVSSv2
CVE-2019-17544
libaspell.a in GNU Aspell prior to 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
Gnu Aspell
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
7.5
CVSSv2
CVE-2010-3069
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba prior to 3.5.5 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.
Samba Samba
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
3.6
CVSSv2
CVE-2012-6150
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba up to and including 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions...
Samba Samba
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
4.3
CVSSv2
CVE-2018-16323
ReadXBMImage in coders/xbm.c in ImageMagick prior to 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can ...
Imagemagick Imagemagick
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
1 EDB exploit
1 Github repository
6.8
CVSSv2
CVE-2010-2541
Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType prior to 2.4.2 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Freetype Freetype
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
5
CVSSv2
CVE-2010-3436
fopen_wrappers.c in PHP 5.3.x up to and including 5.3.3 might allow remote malicious users to bypass open_basedir restrictions via vectors related to the length of a filename.
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
4.3
CVSSv2
CVE-2010-3709
The ZipArchive::getArchiveComment function in PHP 5.2.x up to and including 5.2.14 and 5.3.x up to and including 5.3.3 allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »