Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.53%
  • Veröffentlicht 26.11.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:28

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data ...

Exploit
  • EPSS 2.8%
  • Veröffentlicht 26.11.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:07

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29...

Exploit
  • EPSS 1.95%
  • Veröffentlicht 26.11.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:07

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

Exploit
  • EPSS 1.55%
  • Veröffentlicht 26.11.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:07

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

Exploit
  • EPSS 2.09%
  • Veröffentlicht 26.11.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:06

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

Exploit
  • EPSS 95.23%
  • Veröffentlicht 25.11.2018 10:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:04

University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without pre...

  • EPSS 4.12%
  • Veröffentlicht 23.11.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:00

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to exec...

Exploit
  • EPSS 9.55%
  • Veröffentlicht 23.11.2018 05:29:03
  • Zuletzt bearbeitet 21.11.2024 03:57:59

psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.

Exploit
  • EPSS 3.04%
  • Veröffentlicht 23.11.2018 05:29:03
  • Zuletzt bearbeitet 21.11.2024 03:57:59

psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.

Exploit
  • EPSS 3.04%
  • Veröffentlicht 23.11.2018 05:29:03
  • Zuletzt bearbeitet 21.11.2024 03:57:59

psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.