Canonical

Ubuntu Linux

4108 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2019-3887

  • EPSS 0.04%
  • Veröffentlicht 09.04.2019 16:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:48

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled....

7.5

CVE-2019-10895

Exploit
  • EPSS 12.45%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.

7.5

CVE-2019-10896

Exploit
  • EPSS 11.89%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.

7.5

CVE-2019-10899

Exploit
  • EPSS 12.66%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

7.5

CVE-2019-10901

Exploit
  • EPSS 14.37%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

7.5

CVE-2019-10903

Exploit
  • EPSS 12.66%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

7.5

CVE-2019-10894

Exploit
  • EPSS 12.66%
  • Veröffentlicht 09.04.2019 04:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

5.1

CVE-2019-0816

  • EPSS 0.1%
  • Veröffentlicht 09.04.2019 03:29:00
  • Zuletzt bearbeitet 21.11.2024 04:17:19

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.

7.8

CVE-2019-0211

Warnung Exploit
  • EPSS 89.57%
  • Veröffentlicht 08.04.2019 22:29:00
  • Zuletzt bearbeitet 27.10.2025 17:37:51

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with...

7.5

CVE-2019-0217

  • EPSS 43.02%
  • Veröffentlicht 08.04.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:16:30

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictio...