Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2017-18271

  • EPSS 0.27%
  • Veröffentlicht 18.05.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:44

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.

7.1

CVE-2017-18273

Exploit
  • EPSS 0.21%
  • Veröffentlicht 18.05.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:44

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in ...

7.8

CVE-2018-11237

  • EPSS 0.8%
  • Veröffentlicht 18.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:58

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

6.5

CVE-2018-11212

Exploit
  • EPSS 1.9%
  • Veröffentlicht 16.05.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:54

An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.

6.5

CVE-2018-11213

Exploit
  • EPSS 0.91%
  • Veröffentlicht 16.05.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:54

An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

6.5

CVE-2018-11214

Exploit
  • EPSS 1.05%
  • Veröffentlicht 16.05.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:55

An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

9.8

CVE-2018-8014

  • EPSS 48.79%
  • Veröffentlicht 16.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:05

The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter ...

7.8

CVE-2018-1087

  • EPSS 0.04%
  • Veröffentlicht 15.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:09

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS ...

6.5

CVE-2018-10998

Exploit
  • EPSS 0.92%
  • Veröffentlicht 12.05.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:27

An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.

6.5

CVE-2018-10999

Exploit
  • EPSS 1.62%
  • Veröffentlicht 12.05.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:28

An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.