Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-18661

Exploit
  • EPSS 0.19%
  • Veröffentlicht 26.10.2018 14:29:02
  • Zuletzt bearbeitet 21.11.2024 03:56:20

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.

7.8

CVE-2018-15686

Exploit
  • EPSS 1.13%
  • Veröffentlicht 26.10.2018 14:29:00
  • Zuletzt bearbeitet 09.06.2025 16:15:28

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affec...

7

CVE-2018-15687

Exploit
  • EPSS 0.33%
  • Veröffentlicht 26.10.2018 14:29:00
  • Zuletzt bearbeitet 09.06.2025 16:15:28

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

8.8

CVE-2018-15688

  • EPSS 0.73%
  • Veröffentlicht 26.10.2018 14:29:00
  • Zuletzt bearbeitet 09.06.2025 16:15:28

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

7.8

CVE-2018-18653

Exploit
  • EPSS 0.02%
  • Veröffentlicht 26.10.2018 00:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:18

The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a m...

7.2

CVE-2018-14665

Exploit
  • EPSS 14.46%
  • Veröffentlicht 25.10.2018 20:29:00
  • Zuletzt bearbeitet 29.08.2025 13:42:30

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the...

6.5

CVE-2018-18584

  • EPSS 6.37%
  • Veröffentlicht 23.10.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:12

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

4.3

CVE-2018-18585

Exploit
  • EPSS 1.46%
  • Veröffentlicht 23.10.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:12

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

8.8

CVE-2018-18557

Exploit
  • EPSS 32.24%
  • Veröffentlicht 22.10.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:09

LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignorin...

8.6

CVE-2018-18284

Exploit
  • EPSS 0.33%
  • Veröffentlicht 19.10.2018 22:29:01
  • Zuletzt bearbeitet 21.11.2024 03:55:38

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.