Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 5.59%
  • Veröffentlicht 09.04.2019 04:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

  • EPSS 1.4%
  • Veröffentlicht 09.04.2019 03:29:00
  • Zuletzt bearbeitet 21.11.2024 04:17:19

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.

Warnung Exploit
  • EPSS 65.01%
  • Veröffentlicht 08.04.2019 22:29:00
  • Zuletzt bearbeitet 27.10.2025 17:37:51

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with...

  • EPSS 17.67%
  • Veröffentlicht 08.04.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:16:30

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictio...

  • EPSS 1.97%
  • Veröffentlicht 08.04.2019 19:29:05
  • Zuletzt bearbeitet 21.11.2024 04:20:20

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.

Exploit
  • EPSS 3.77%
  • Veröffentlicht 08.04.2019 19:29:05
  • Zuletzt bearbeitet 21.11.2024 04:20:20

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact ...

  • EPSS 3.6%
  • Veröffentlicht 07.04.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:06

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

Exploit
  • EPSS 1.44%
  • Veröffentlicht 01.04.2019 21:30:43
  • Zuletzt bearbeitet 21.11.2024 04:06:25

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can...

  • EPSS 1.13%
  • Veröffentlicht 01.04.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:50:44

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

Exploit
  • EPSS 1.74%
  • Veröffentlicht 30.03.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:19:40

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.