Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 97.36%
  • Veröffentlicht 06.10.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:27

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has ...

  • EPSS 94.49%
  • Veröffentlicht 04.10.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:01

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause...

  • EPSS 0.35%
  • Veröffentlicht 03.10.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:18

An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwindi...

  • EPSS 3.51%
  • Veröffentlicht 03.10.2018 20:29:09
  • Zuletzt bearbeitet 21.11.2024 03:54:34

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.

Exploit
  • EPSS 2.35%
  • Veröffentlicht 28.09.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:38

CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.

  • EPSS 1.89%
  • Veröffentlicht 26.09.2018 21:29:01
  • Zuletzt bearbeitet 03.12.2025 21:15:50

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verificati...

  • EPSS 1.89%
  • Veröffentlicht 26.09.2018 21:29:01
  • Zuletzt bearbeitet 03.12.2025 21:15:50

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature ve...

  • EPSS 51%
  • Veröffentlicht 25.09.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:58

In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitiga...

Warnung Exploit
  • EPSS 14.81%
  • Veröffentlicht 25.09.2018 21:29:00
  • Zuletzt bearbeitet 27.01.2026 15:55:15

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6...

  • EPSS 8.74%
  • Veröffentlicht 25.09.2018 00:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:28

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer over...