Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.63%
  • Veröffentlicht 16.05.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:54

An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

Exploit
  • EPSS 2.44%
  • Veröffentlicht 16.05.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:55

An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

  • EPSS 21.98%
  • Veröffentlicht 16.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:05

The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter ...

  • EPSS 0.77%
  • Veröffentlicht 15.05.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:09

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS ...

Exploit
  • EPSS 2.47%
  • Veröffentlicht 12.05.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:27

An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.

Exploit
  • EPSS 2.43%
  • Veröffentlicht 12.05.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:28

An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.

  • EPSS 0.4%
  • Veröffentlicht 10.05.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:13

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel ...

Exploit
  • EPSS 1.91%
  • Veröffentlicht 10.05.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:43

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.

  • EPSS 2.49%
  • Veröffentlicht 10.05.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:43

The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafte...

  • EPSS 0.5%
  • Veröffentlicht 10.05.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:15

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.