Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu software properties vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-12599
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow malicious users to cause an out of bounds write via a crafted file.
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
Imagemagick Imagemagick 7.0.8-3
8.8
CVSSv3
CVE-2018-12600
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow malicious users to cause an out of bounds write via a crafted file.
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Imagemagick Imagemagick 7.0.8-3
7.8
CVSSv3
CVE-2022-2588
It exists that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
8 Github repositories
7.8
CVSSv3
CVE-2022-2585
It exists that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
Linux Linux Kernel
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
1 Github repository
7.8
CVSSv3
CVE-2022-2586
It exists that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
4 Github repositories
3.3
CVSSv3
CVE-2018-16866
An out of bounds read exists in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
Systemd Project Systemd
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Netapp Active Iq Performance Analytics Services -
Netapp Element Software
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 7.6
Redhat Enterprise Linux Server Update Services For Sap Solutions 7.6
Redhat Enterprise Linux Server Update Services For Sap Solutions 7.4
Redhat Enterprise Linux Compute Node Eus 7.6
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 7.4
1 Github repository
2 Articles
NA
CVE-2011-4407
ppa.py in Software Properties prior to 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) malicious users to spoof GPG keys for a package repository.
Canonical Ubuntu Linux 11.04
Canonical Software-properties
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.10
NA
CVE-2013-1061
dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 prior to 0.92.17.3, 0.92.9 prior to 0.92.9.3, and 0.82.7 prior to 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by lever...
Marc Deslauriers Software-properties 0.92.9
Marc Deslauriers Software-properties 0.82.7.4
Marc Deslauriers Software-properties 0.92.17.2
Marc Deslauriers Software-properties 0.82.7.3
Marc Deslauriers Software-properties 0.82.7.2
Marc Deslauriers Software-properties 0.92.17.1
Marc Deslauriers Software-properties 0.92.17
Marc Deslauriers Software-properties 0.82.7.1
Marc Deslauriers Software-properties 0.82.7
Marc Deslauriers Software-properties 0.92.9.2
Marc Deslauriers Software-properties 0.92.9.1
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.04
NA
CVE-2012-4208
The XrayWrapper implementation in Mozilla Firefox prior to 17.0, Thunderbird prior to 17.0, and SeaMonkey prior to 2.14 does not consider the compartment during property filtering, which allows remote malicious users to bypass intended chrome-only restrictions on reading DOM obje...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
NA
CVE-2012-5836
Mozilla Firefox prior to 17.0, Thunderbird prior to 17.0, and SeaMonkey prior to 2.14 allow remote malicious users to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunctio...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »