Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.44%
  • Veröffentlicht 02.12.2018 10:29:00
  • Zuletzt bearbeitet 18.12.2025 16:15:46

An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Interne...

Exploit
  • EPSS 5.24%
  • Veröffentlicht 29.11.2018 18:29:01
  • Zuletzt bearbeitet 21.11.2024 04:14:19

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).

Exploit
  • EPSS 7.29%
  • Veröffentlicht 29.11.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:18

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.

Exploit
  • EPSS 7.29%
  • Veröffentlicht 29.11.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:18

FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.

Exploit
  • EPSS 8.16%
  • Veröffentlicht 29.11.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:18

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.

Exploit
  • EPSS 8.36%
  • Veröffentlicht 29.11.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:18

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.

Exploit
  • EPSS 7.4%
  • Veröffentlicht 29.11.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:18

FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.

Exploit
  • EPSS 5.19%
  • Veröffentlicht 28.11.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:27

A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denia...

  • EPSS 4.59%
  • Veröffentlicht 28.11.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:25

Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validl...

  • EPSS 3.25%
  • Veröffentlicht 28.11.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:26

Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory obj...