Vulnerabilities > Canonical > Ubuntu Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-16 | CVE-2016-9318 | XXE vulnerability in multiple products libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document. | 5.5 |
| 2016-11-10 | CVE-2016-5195 | Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." | 7.0 |
| 2016-10-16 | CVE-2016-7425 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code. | 7.8 |
| 2016-10-13 | CVE-2016-7795 | Improper Input Validation vulnerability in multiple products The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket. | 5.5 |
| 2016-10-10 | CVE-2016-7117 | Data Processing Errors vulnerability in multiple products Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing. | 9.8 |
| 2016-10-03 | CVE-2016-7401 | 7PK - Security Features vulnerability in multiple products The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies. | 7.5 |
| 2016-10-03 | CVE-2016-6352 | Out-of-bounds Write vulnerability in multiple products The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file. | 7.5 |
| 2016-10-03 | CVE-2016-1372 | Improper Access Control vulnerability in multiple products ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file. | 5.5 |
| 2016-10-03 | CVE-2016-1371 | Improper Access Control vulnerability in multiple products ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable. | 5.5 |
| 2016-10-03 | CVE-2016-5180 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot. | 9.8 |