Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-11-06 | CVE-2015-7696 | Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value. | Ubuntu_linux, Debian_linux, Unzip | N/A | ||
| 2015-02-06 | CVE-2014-9636 | unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. | Ubuntu_linux, Debian_linux, Fedora, Unzip | N/A | ||
| 2008-09-18 | CVE-2008-4098 | MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | Ubuntu_linux, Debian_linux, Mysql, Mysql | N/A | ||
| 2008-05-05 | CVE-2008-2079 | MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. | Ubuntu_linux, Debian_linux, Mysql, Mysql | N/A | ||
| 2008-01-10 | CVE-2008-0226 | Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. | Mac_os_x, Ubuntu_linux, Debian_linux, Mysql, Mysql, Yassl | N/A | ||
| 2019-11-29 | CVE-2015-3406 | The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors. | Ubuntu_linux, Module\-Signature | N/A | ||
| 2019-12-02 | CVE-2012-4428 | openslp: SLPIntersectStringList()' Function has a DoS vulnerability | Ubuntu_linux, Debian_linux, Fedora, Openslp | N/A | ||
| 2019-11-20 | CVE-2019-3466 | The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | Ubuntu_linux, Debian_linux, Postgresql\-Common | N/A | ||
| 2019-04-09 | CVE-2019-0816 | A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'. | Ubuntu_linux | 5.1 | ||
| 2019-11-21 | CVE-2012-3543 | mono 2.10.x ASP.NET Web Form Hash collision DoS | Ubuntu_linux, Debian_linux, Mono | N/A |