Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.42%
  • Veröffentlicht 28.01.2019 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:47:21

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.

Exploit
  • EPSS 64.27%
  • Veröffentlicht 27.01.2019 02:29:00
  • Zuletzt bearbeitet 21.11.2024 04:47:20

gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This c...

  • EPSS 0.46%
  • Veröffentlicht 25.01.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:36

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up...

Exploit
  • EPSS 17.22%
  • Veröffentlicht 23.01.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:46:59

Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.

  • EPSS 59.35%
  • Veröffentlicht 16.01.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:09:17

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feat...

  • EPSS 72.72%
  • Veröffentlicht 16.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:24:55

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older ve...

  • EPSS 20.24%
  • Veröffentlicht 16.01.2019 20:29:00
  • Zuletzt bearbeitet 25.04.2025 23:15:15

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4...

  • EPSS 11.07%
  • Veröffentlicht 16.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:17

Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended (and documented) behavior is th...

  • EPSS 4.61%
  • Veröffentlicht 16.01.2019 19:30:35
  • Zuletzt bearbeitet 21.11.2024 04:41:03

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged at...

  • EPSS 3.23%
  • Veröffentlicht 16.01.2019 19:30:35
  • Zuletzt bearbeitet 21.11.2024 04:41:03

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged...