Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.74%
  • Veröffentlicht 10.11.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:25

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.

  • EPSS 1.82%
  • Veröffentlicht 08.11.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:20

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.

  • EPSS 1.94%
  • Veröffentlicht 08.11.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:20

In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.

Exploit
  • EPSS 1.95%
  • Veröffentlicht 07.11.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:57:14

An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.

Exploit
  • EPSS 2.09%
  • Veröffentlicht 07.11.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:14

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.

Exploit
  • EPSS 2.06%
  • Veröffentlicht 07.11.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:14

An issue was discovered in Poppler 0.71.0. There is a out-of-bounds read in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating embedded files before save attempts.

  • EPSS 47.06%
  • Veröffentlicht 07.11.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:25

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option...

  • EPSS 12.4%
  • Veröffentlicht 07.11.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:25

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the '...

  • EPSS 9.8%
  • Veröffentlicht 07.11.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:25

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using ...

  • EPSS 0.42%
  • Veröffentlicht 06.11.2018 17:29:01
  • Zuletzt bearbeitet 21.11.2024 04:15:37

In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e...