Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 6.43%
  • Veröffentlicht 11.07.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:21

Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nons...

  • EPSS 1.2%
  • Veröffentlicht 10.07.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:12

A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other...

  • EPSS 4.47%
  • Veröffentlicht 09.07.2018 13:29:00
  • Zuletzt bearbeitet 29.05.2026 21:16:32

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

Exploit
  • EPSS 3.11%
  • Veröffentlicht 08.07.2018 16:29:00
  • Zuletzt bearbeitet 13.08.2025 20:48:07

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.

Exploit
  • EPSS 1.01%
  • Veröffentlicht 06.07.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 03:47:02

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a memb...

  • EPSS 0.53%
  • Veröffentlicht 06.07.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 03:47:02

An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.

  • EPSS 4.19%
  • Veröffentlicht 05.07.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:05

The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

Exploit
  • EPSS 3.97%
  • Veröffentlicht 05.07.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:31

In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.

Exploit
  • EPSS 2.18%
  • Veröffentlicht 03.07.2018 10:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:25

An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.

  • EPSS 2.59%
  • Veröffentlicht 03.07.2018 10:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:25

An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.