Vulnerabilities > Canonical > Ubuntu Linux > High

DATE CVE VULNERABILITY TITLE RISK
2017-01-13 CVE-2016-7426 Resource Exhaustion vulnerability in multiple products
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.
network
low complexity
ntp canonical redhat hpe CWE-400
7.5
7.5
2017-01-06 CVE-2016-2378 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
8.1
2017-01-06 CVE-2016-2377 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
8.1
2017-01-06 CVE-2016-2376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
8.1
2017-01-06 CVE-2016-2374 Out-of-bounds Read vulnerability in multiple products
An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
8.1
8.1
2017-01-06 CVE-2016-2371 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-787
8.1
8.1
2017-01-06 CVE-2016-2368 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
8.1
2016-12-17 CVE-2016-9950 Path Traversal vulnerability in multiple products
An issue was discovered in Apport before 2.20.4.
local
low complexity
apport-project canonical CWE-22
7.8
7.8
2016-12-17 CVE-2016-9949 Code Injection vulnerability in multiple products
An issue was discovered in Apport before 2.20.4.
local
low complexity
apport-project canonical CWE-94
7.8
7.8
2016-12-09 CVE-2016-9014 Permissions, Privileges, and Access Controls vulnerability in multiple products
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.
network
high complexity
fedoraproject canonical djangoproject CWE-264
8.1
8.1