Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 11.3%
  • Veröffentlicht 25.09.2018 00:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:30

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions ...

  • EPSS 2.06%
  • Veröffentlicht 23.09.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:20

An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnera...

Exploit
  • EPSS 0.62%
  • Veröffentlicht 22.09.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:14

UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malfo...

  • EPSS 3.01%
  • Veröffentlicht 21.09.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:29

A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.

Exploit
  • EPSS 2.72%
  • Veröffentlicht 21.09.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:11

The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with c...

Exploit
  • EPSS 2.53%
  • Veröffentlicht 19.09.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:54:05

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow...

  • EPSS 2.05%
  • Veröffentlicht 19.09.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:54:05

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.

  • EPSS 1.91%
  • Veröffentlicht 19.09.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:05

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The O...

  • EPSS 1.83%
  • Veröffentlicht 19.09.2018 15:29:19
  • Zuletzt bearbeitet 21.11.2024 03:54:02

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.

Exploit
  • EPSS 3.21%
  • Veröffentlicht 19.09.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:02

An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, ma...