Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 50.45%
  • Veröffentlicht 11.07.2019 19:15:13
  • Zuletzt bearbeitet 21.11.2024 04:23:02

An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leadin...

  • EPSS 8.09%
  • Veröffentlicht 11.07.2019 19:15:13
  • Zuletzt bearbeitet 21.11.2024 04:23:02

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be...

  • EPSS 26.05%
  • Veröffentlicht 11.07.2019 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:18:37

A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis...

  • EPSS 23.7%
  • Veröffentlicht 11.07.2019 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:18:37

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perfo...

  • EPSS 42.46%
  • Veröffentlicht 10.07.2019 19:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:15

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow a...

  • EPSS 4.05%
  • Veröffentlicht 10.07.2019 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:24:29

A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair o...

Exploit
  • EPSS 4.35%
  • Veröffentlicht 09.07.2019 17:15:11
  • Zuletzt bearbeitet 11.07.2025 20:05:48

ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.

Exploit
  • EPSS 3.13%
  • Veröffentlicht 05.07.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:39

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.

Exploit
  • EPSS 3.17%
  • Veröffentlicht 05.07.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:39

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.

Exploit
  • EPSS 2.7%
  • Veröffentlicht 05.07.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:39

ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.