Canonical: >> Ubuntu Linux >> 18.10 Security Vulnerabilities
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.
CVSS Score
5.0
EPSS Score
0.0
Published
2023-12-12
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
CVSS Score
5.4
EPSS Score
0.011
Published
2020-06-17
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
CVSS Score
5.4
EPSS Score
0.01
Published
2020-06-17
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
CVSS Score
5.4
EPSS Score
0.01
Published
2020-06-17
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
CVSS Score
6.5
EPSS Score
0.013
Published
2020-06-17
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
CVSS Score
7.5
EPSS Score
0.013
Published
2020-06-17
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
CVSS Score
7.5
EPSS Score
0.022
Published
2020-06-17
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
CVSS Score
7.5
EPSS Score
0.018
Published
2020-06-17
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.011
Published
2020-06-17
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.024
Published
2020-06-17
Page 1