Canonical: Security Vulnerabilities
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
CVSS Score: 7.5, EPSS Score: 0.034, Published: 2020-02-11
HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes the Rhino engine improperly, so malicious JavaScript code can execute arbitrary Java code on the application. Moreover, when embedded in an Android application, the Android-specific initialization of the Rhino engine is done improperly, so malicious JavaScript code can execute arbitrary Java code on the application.
CVSS Score: 8.1, EPSS Score: 0.046, Published: 2020-02-11
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.
CVSS Score: 4.2, EPSS Score: 0.002, Published: 2020-02-08
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user.
CVSS Score: 7.0, EPSS Score: 0.004, Published: 2020-02-08
Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.
CVSS Score: 6.3, EPSS Score: 0.004, Published: 2020-02-08
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
CVSS Score: 3.3, EPSS Score: 0.003, Published: 2020-02-08
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
CVSS Score: 3.8, EPSS Score: 0.004, Published: 2020-02-08
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by pile up of CLOSE_WAIT sockets, eventually leading to the exhaustion of available resources, preventing legitimate users from connecting to the system.
CVSS Score: 6.5, EPSS Score: 0.025, Published: 2020-02-07
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
CVSS Score: 8.8, EPSS Score: 0.035, Published: 2020-02-06
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
CVSS Score: 8.8, EPSS Score: 0.108, Published: 2020-02-06

