Vulnerabilities > Canonical > Ubuntu Linux > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-12 | CVE-2017-8900 | Local Security Bypass vulnerability in LightDM LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session. | 2.1 |
| 2017-02-01 | CVE-2016-9963 | Key Management Errors vulnerability in multiple products Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. | 2.6 |
| 2017-01-06 | CVE-2016-2367 | Information Exposure vulnerability in multiple products An information leak exists in the handling of the MXIT protocol in Pidgin. | 3.5 |
| 2016-09-02 | CVE-2016-4952 | Out-of-bounds Write vulnerability in multiple products QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command. | 1.9 |
| 2016-09-02 | CVE-2016-5105 | Use of Uninitialized Resource vulnerability in multiple products The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command. | 1.9 |
| 2016-09-02 | CVE-2016-5106 | Out-of-bounds Write vulnerability in multiple products The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command. | 1.9 |
| 2016-09-02 | CVE-2016-5107 | Out-of-bounds Read vulnerability in multiple products The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors. | 1.9 |
| 2016-07-22 | CVE-2015-8946 | Improper Input Validation vulnerability in multiple products ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors. | 2.1 |
| 2016-07-22 | CVE-2016-6224 | Improper Input Validation vulnerability in multiple products ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. | 3.3 |
| 2016-07-21 | CVE-2016-3614 | Remote Security vulnerability in Oracle MySQL Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption. | 3.5 |