Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.52%
  • Veröffentlicht 10.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:23

In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.

Exploit
  • EPSS 3.77%
  • Veröffentlicht 10.05.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:24

The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.

Exploit
  • EPSS 18.7%
  • Veröffentlicht 08.05.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:33

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that ...

  • EPSS 0.47%
  • Veröffentlicht 08.05.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:23:47

python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain...

  • EPSS 2.05%
  • Veröffentlicht 08.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:03

ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.

  • EPSS 1.84%
  • Veröffentlicht 08.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:03

ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

Exploit
  • EPSS 3.05%
  • Veröffentlicht 07.05.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:02

TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.

Exploit
  • EPSS 2.44%
  • Veröffentlicht 06.05.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:00

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are no...

Exploit
  • EPSS 17.04%
  • Veröffentlicht 06.05.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:21

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.

  • EPSS 0.43%
  • Veröffentlicht 02.05.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:49

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.