Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 4.04%
  • Veröffentlicht 03.07.2019 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:44:15

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image...

Exploit
  • EPSS 4.52%
  • Veröffentlicht 03.07.2019 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:44:15

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potentia...

  • EPSS 0.52%
  • Veröffentlicht 03.07.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:20

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.

  • EPSS 3.29%
  • Veröffentlicht 01.07.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:24:16

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.

Exploit
  • EPSS 1.9%
  • Veröffentlicht 01.07.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:24:16

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.

  • EPSS 1.7%
  • Veröffentlicht 01.07.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:23:33

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django vi...

  • EPSS 6.46%
  • Veröffentlicht 01.07.2019 02:15:09
  • Zuletzt bearbeitet 28.05.2026 19:16:29

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or ...

  • EPSS 5.15%
  • Veröffentlicht 01.07.2019 02:15:09
  • Zuletzt bearbeitet 28.05.2026 19:16:29

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.

Exploit
  • EPSS 1.93%
  • Veröffentlicht 30.06.2019 23:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:12

A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file.

Exploit
  • EPSS 1.98%
  • Veröffentlicht 30.06.2019 23:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:12

A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.