Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 11.5%
  • Veröffentlicht 24.08.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 03:50:20

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.

  • EPSS 3.27%
  • Veröffentlicht 23.08.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:31

The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.

  • EPSS 4.3%
  • Veröffentlicht 22.08.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:09

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and ...

  • EPSS 2.55%
  • Veröffentlicht 22.08.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:18

A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versi...

  • EPSS 2.2%
  • Veröffentlicht 22.08.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:18

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Sa...

  • EPSS 3.11%
  • Veröffentlicht 22.08.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:16

A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between ...

  • EPSS 3.62%
  • Veröffentlicht 22.08.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:07

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data...

  • EPSS 3.62%
  • Veröffentlicht 22.08.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:07

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing dat...

  • EPSS 0.39%
  • Veröffentlicht 22.08.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:07

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain ...

  • EPSS 0.52%
  • Veröffentlicht 21.08.2018 19:29:00
  • Zuletzt bearbeitet 07.07.2026 15:16:40

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmi...