Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.49%
  • Veröffentlicht 20.01.2022 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:32:10

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

Exploit
  • EPSS 3.06%
  • Veröffentlicht 14.01.2022 06:15:09
  • Zuletzt bearbeitet 21.11.2024 06:43:21

A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. T...

  • EPSS 2.3%
  • Veröffentlicht 08.12.2021 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:30:56

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.

  • EPSS 0.35%
  • Veröffentlicht 17.11.2021 04:15:06
  • Zuletzt bearbeitet 21.11.2024 06:22:49

Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachabl...

  • EPSS 0.29%
  • Veröffentlicht 12.06.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.

  • EPSS 0.32%
  • Veröffentlicht 12.06.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.

  • EPSS 0.29%
  • Veröffentlicht 12.06.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.

  • EPSS 0.29%
  • Veröffentlicht 12.06.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.

  • EPSS 0.29%
  • Veröffentlicht 12.06.2021 04:15:11
  • Zuletzt bearbeitet 21.11.2024 06:07:14

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users.

  • EPSS 0.29%
  • Veröffentlicht 12.06.2021 04:15:11
  • Zuletzt bearbeitet 21.11.2024 06:07:14

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.