Ubuntu_linux - Vulncode-DB

Date	Id	Summary	Products	Score
2020-03-25	CVE-2020-6805	When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.	Ubuntu_linux, Firefox, Firefox_esr, Thunderbird	8.8
2020-03-25	CVE-2020-6807	When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.	Ubuntu_linux, Firefox, Firefox_esr, Thunderbird	8.8
2015-05-21	CVE-2015-4000	The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.	Iphone_os, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Chrome, Hp\-Ux, Content_manager, Internet_explorer, Firefox, Firefox_esr, Firefox_os, Network_security_services, Seamonkey, Thunderbird, Openssl, Opera_browser, Jdk, Jre, Jrockit, Sparc\-Opl_service_processor, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server	3.7
2019-04-01	CVE-2018-3979	A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS...	Ubuntu_linux, Geforce_gtx_745_firmware, Geforce_gtx_750_firmware, Geforce_gtx_750_ti_firmware, Geforce_gtx_840m_firmware, Geforce_gtx_845m_firmware, Geforce_gtx_850m_firmware, Geforce_gtx_860m_firmware, Geforce_gtx_950m_firmware, Geforce_gtx_960m_firmware, Grid_m30_firmware, Grid_m40_firmware, Quadro_k1200_firmware, Quadro_k2200_firmware, Quadro_k620_firmware, Quadro_m1000m_firmware, Quadro_m1200m_firmware	6.5
2018-01-24	CVE-2017-18075	crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.	Ubuntu_linux, Linux_kernel	7.8
2018-01-29	CVE-2017-18079	drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated.	Ubuntu_linux, Linux_kernel	7.8
2019-09-08	CVE-2019-16091	Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.	Ubuntu_linux, Libmysofa	7.5
2019-09-08	CVE-2019-16092	Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.	Ubuntu_linux, Libmysofa	9.8
2019-09-08	CVE-2019-16093	Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.	Ubuntu_linux, Libmysofa	9.8
2019-09-08	CVE-2019-16094	Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.	Ubuntu_linux, Libmysofa	7.5

Product: Ubuntu_linux (Canonical)

Product:
Ubuntu_linux
(Canonical)