Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.46%
  • Veröffentlicht 21.03.2019 16:00:36
  • Zuletzt bearbeitet 21.11.2024 04:01:51

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are s...

  • EPSS 0.56%
  • Veröffentlicht 21.03.2019 16:00:29
  • Zuletzt bearbeitet 21.11.2024 03:56:44

In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.

  • EPSS 2.36%
  • Veröffentlicht 21.03.2019 16:00:29
  • Zuletzt bearbeitet 21.11.2024 03:56:50

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.

  • EPSS 1.57%
  • Veröffentlicht 12.03.2019 09:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:10

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.

  • EPSS 1.42%
  • Veröffentlicht 12.03.2019 09:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:10

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.

  • EPSS 6.02%
  • Veröffentlicht 11.03.2019 11:29:12
  • Zuletzt bearbeitet 21.11.2024 04:52:05

An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a s...

Exploit
  • EPSS 2.14%
  • Veröffentlicht 11.03.2019 05:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:03

An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.

  • EPSS 7.35%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename ...

Exploit
  • EPSS 6.68%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.

Exploit
  • EPSS 8.2%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.