Vulnerabilities > Canonical > Ubuntu Linux > 14.04
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-10-21 | CVE-2015-4816 | Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. | 4.0 |
2015-10-21 | CVE-2015-4815 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL. | 4.0 |
2015-10-21 | CVE-2015-4792 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802. | 1.7 |
2015-10-19 | CVE-2015-6937 | Null Pointer Deference Denial of Service vulnerability in Linux Kernel The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. | 4.9 |
2015-10-19 | CVE-2015-5707 | Integer Overflow or Wraparound vulnerability in Linux Kernel Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | 4.6 |
2015-10-09 | CVE-2015-1337 | Improper Input Validation vulnerability in multiple products Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response. | 6.8 |
2015-10-01 | CVE-2015-7236 | Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code. | 7.5 |
2015-10-01 | CVE-2015-1338 | Link Following vulnerability in multiple products kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log. | 7.2 |
2015-10-01 | CVE-2015-1335 | Link Following vulnerability in multiple products lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source. | 7.2 |
2015-09-17 | CVE-2015-1319 | Improper Input Validation vulnerability in Canonical Ubuntu Linux 14.04/15.04 The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen is locked as demonstrated by inserting a USB thumb drive. | 2.1 |