Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.37%
  • Veröffentlicht 31.08.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 05:00:21

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse t...

  • EPSS 0.45%
  • Veröffentlicht 27.08.2020 16:15:10
  • Zuletzt bearbeitet 21.11.2024 05:03:13

oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.

  • EPSS 5.16%
  • Veröffentlicht 24.08.2020 18:15:10
  • Zuletzt bearbeitet 21.11.2024 05:15:08

Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digest...

  • EPSS 0.49%
  • Veröffentlicht 24.08.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:03:06

A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check fo...

  • EPSS 0.53%
  • Veröffentlicht 24.08.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 05:03:04

It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the insta...

  • EPSS 3.66%
  • Veröffentlicht 21.08.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:08

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

  • EPSS 2.94%
  • Veröffentlicht 21.08.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:08

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that ...

  • EPSS 5.55%
  • Veröffentlicht 21.08.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:08

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed re...

  • EPSS 6.35%
  • Veröffentlicht 21.08.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:08

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To ...

  • EPSS 3.64%
  • Veröffentlicht 21.08.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:08

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to ch...