Filtered by vendor Canonical Subscriptions
Filtered by product Ubuntu Linux Subscriptions
Total 4151 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-3515 7 Canonical, Debian, Opensuse and 4 more 15 Ubuntu Linux, Debian Linux, Opensuse and 12 more 2024-11-21 N/A
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
CVE-2012-3509 3 Canonical, Debian, Gnu 4 Ubuntu Linux, Debian Linux, Binutils and 1 more 2024-11-21 N/A
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.
CVE-2012-3489 6 Apple, Canonical, Debian and 3 more 10 Mac Os X Server, Ubuntu Linux, Debian Linux and 7 more 2024-11-21 6.5 Medium
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue.
CVE-2012-3425 5 Canonical, Debian, Libpng and 2 more 5 Ubuntu Linux, Debian Linux, Libpng and 2 more 2024-11-21 N/A
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image.
CVE-2012-3412 3 Canonical, Linux, Redhat 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more 2024-11-21 N/A
The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.
CVE-2012-3406 3 Canonical, Gnu, Redhat 4 Ubuntu Linux, Glibc, Enterprise Linux and 1 more 2024-11-21 N/A
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
CVE-2012-3405 3 Canonical, Gnu, Redhat 4 Ubuntu Linux, Glibc, Enterprise Linux and 1 more 2024-11-21 N/A
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.
CVE-2012-3404 3 Canonical, Gnu, Redhat 4 Ubuntu Linux, Glibc, Enterprise Linux and 1 more 2024-11-21 N/A
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
CVE-2012-3400 3 Canonical, Linux, Redhat 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more 2024-11-21 N/A
Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.
CVE-2012-3197 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
CVE-2012-3180 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2012-3177 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
CVE-2012-3173 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
CVE-2012-3167 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
CVE-2012-3166 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
CVE-2012-3163 6 Canonical, Debian, F5 and 3 more 22 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 19 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
CVE-2012-3160 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
CVE-2012-3158 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
CVE-2012-3150 5 Canonical, Debian, Mariadb and 2 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2024-11-21 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2012-2736 4 Canonical, Debian, Gnome and 1 more 4 Ubuntu Linux, Debian Linux, Networkmanager and 1 more 2024-11-21 4.4 Medium
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.