Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.69%
  • Veröffentlicht 09.01.2019 23:29:05
  • Zuletzt bearbeitet 21.11.2024 04:42:08

In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing ...

  • EPSS 2.54%
  • Veröffentlicht 09.01.2019 23:29:05
  • Zuletzt bearbeitet 21.11.2024 04:45:41

Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.

Exploit
  • EPSS 7.69%
  • Veröffentlicht 09.01.2019 16:29:00
  • Zuletzt bearbeitet 09.06.2025 16:15:29

An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This...

Exploit
  • EPSS 4.65%
  • Veröffentlicht 09.01.2019 16:29:00
  • Zuletzt bearbeitet 09.06.2025 16:15:31

An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP mess...

  • EPSS 0.36%
  • Veröffentlicht 03.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:31

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmap...

Exploit
  • EPSS 0.7%
  • Veröffentlicht 03.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:21

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_AD...

  • EPSS 2.46%
  • Veröffentlicht 03.01.2019 15:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:30

ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.

  • EPSS 2.24%
  • Veröffentlicht 03.01.2019 13:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:57

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is m...

  • EPSS 0.35%
  • Veröffentlicht 02.01.2019 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:08

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.

  • EPSS 2.68%
  • Veröffentlicht 01.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:56

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.