Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 19.21%
  • Veröffentlicht 28.12.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:40:35

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is ca...

  • EPSS 3.38%
  • Veröffentlicht 26.12.2018 21:29:02
  • Zuletzt bearbeitet 11.02.2025 20:11:38

An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.

Exploit
  • EPSS 3.42%
  • Veröffentlicht 26.12.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:34

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser...

Exploit
  • EPSS 3.1%
  • Veröffentlicht 26.12.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:32

In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

  • EPSS 0.49%
  • Veröffentlicht 20.12.2018 23:29:02
  • Zuletzt bearbeitet 21.11.2024 04:00:54

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.

  • EPSS 3.73%
  • Veröffentlicht 20.12.2018 23:29:02
  • Zuletzt bearbeitet 21.11.2024 04:01:03

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).

  • EPSS 3.88%
  • Veröffentlicht 20.12.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 04:01:05

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).

  • EPSS 3.68%
  • Veröffentlicht 20.12.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:54

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.

  • EPSS 0.49%
  • Veröffentlicht 20.12.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:54

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.

Exploit
  • EPSS 0.66%
  • Veröffentlicht 20.12.2018 17:29:01
  • Zuletzt bearbeitet 21.11.2024 03:40:33

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows executi...