Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 5.29%
  • Veröffentlicht 18.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:05

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

  • EPSS 3.45%
  • Veröffentlicht 18.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:17

libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.

  • EPSS 1.9%
  • Veröffentlicht 14.06.2018 20:29:00
  • Zuletzt bearbeitet 03.12.2025 21:15:47

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes ...

Exploit
  • EPSS 0.89%
  • Veröffentlicht 13.06.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:21

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka ...

  • EPSS 0.82%
  • Veröffentlicht 13.06.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:44:04

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

Exploit
  • EPSS 2.89%
  • Veröffentlicht 13.06.2018 11:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:53

Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.

Exploit
  • EPSS 2.89%
  • Veröffentlicht 13.06.2018 11:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:53

Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.

  • EPSS 0.38%
  • Veröffentlicht 12.06.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:27

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by s...

  • EPSS 49.27%
  • Veröffentlicht 12.06.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:49

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime result...

  • EPSS 2.34%
  • Veröffentlicht 12.06.2018 12:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:49

In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered b...