Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-1118

  • EPSS 0.11%
  • Veröffentlicht 10.05.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:13

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel ...

5.5

CVE-2017-18267

Exploit
  • EPSS 0.25%
  • Veröffentlicht 10.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:43

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.

8.8

CVE-2017-18266

  • EPSS 1%
  • Veröffentlicht 10.05.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:43

The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafte...

5.5

CVE-2018-1130

  • EPSS 0.05%
  • Veröffentlicht 10.05.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:15

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

6.5

CVE-2018-10958

Exploit
  • EPSS 1.62%
  • Veröffentlicht 10.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:23

In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.

6.5

CVE-2018-10963

Exploit
  • EPSS 0.36%
  • Veröffentlicht 10.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:24

The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.

7.8

CVE-2018-8897

Exploit
  • EPSS 24.8%
  • Veröffentlicht 08.05.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:33

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that ...

5.5

CVE-2017-2592

  • EPSS 0.09%
  • Veröffentlicht 08.05.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:23:47

python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain...

6.5

CVE-2018-10804

  • EPSS 0.1%
  • Veröffentlicht 08.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:03

ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.

6.5

CVE-2018-10805

  • EPSS 0.14%
  • Veröffentlicht 08.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:03

ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.