CVE-2013-1054
- EPSS 1.34%
- Veröffentlicht 07.04.2021 20:15:12
- Zuletzt bearbeitet 21.11.2024 01:48:49
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubu...
CVE-2021-3444
- EPSS 0.61%
- Veröffentlicht 23.03.2021 18:15:13
- Zuletzt bearbeitet 21.11.2024 06:21:32
The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel me...
- EPSS 0.58%
- Veröffentlicht 20.03.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 05:20:48
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spect...
CVE-2020-27170
- EPSS 0.57%
- Veröffentlicht 20.03.2021 22:15:11
- Zuletzt bearbeitet 21.11.2024 05:20:48
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information fr...
CVE-2021-27364
- EPSS 0.96%
- Veröffentlicht 07.03.2021 05:15:13
- Zuletzt bearbeitet 21.11.2024 05:57:50
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
CVE-2020-16120
- EPSS 0.4%
- Veröffentlicht 10.02.2021 20:15:15
- Zuletzt bearbeitet 21.11.2024 05:06:48
Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable ...
CVE-2020-16119
- EPSS 0.42%
- Veröffentlicht 14.01.2021 01:15:13
- Zuletzt bearbeitet 21.11.2024 05:06:47
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-...
CVE-2020-29385
- EPSS 1.48%
- Veröffentlicht 26.12.2020 02:15:12
- Zuletzt bearbeitet 29.04.2025 13:13:41
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop wi...
CVE-2020-16128
- EPSS 0.34%
- Veröffentlicht 09.12.2020 04:15:11
- Zuletzt bearbeitet 21.11.2024 05:06:49
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubun...
CVE-2020-27349
- EPSS 0.29%
- Veröffentlicht 09.12.2020 04:15:11
- Zuletzt bearbeitet 21.11.2024 05:21:02
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.