Canonical

Ubuntu Linux

4108 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-16303

Exploit
  • EPSS 2.95%
  • Veröffentlicht 13.08.2020 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:07:08

A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.

5.5

CVE-2020-16287

Exploit
  • EPSS 1.42%
  • Veröffentlicht 13.08.2020 03:15:12
  • Zuletzt bearbeitet 21.11.2024 05:07:05

A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5

CVE-2020-16288

Exploit
  • EPSS 1.09%
  • Veröffentlicht 13.08.2020 03:15:12
  • Zuletzt bearbeitet 21.11.2024 05:07:06

A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5

CVE-2020-16289

Exploit
  • EPSS 0.67%
  • Veröffentlicht 13.08.2020 03:15:12
  • Zuletzt bearbeitet 21.11.2024 05:07:06

A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5

CVE-2020-16290

Exploit
  • EPSS 0.67%
  • Veröffentlicht 13.08.2020 03:15:12
  • Zuletzt bearbeitet 21.11.2024 05:07:06

A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

5.5

CVE-2020-16291

Exploit
  • EPSS 0.43%
  • Veröffentlicht 13.08.2020 03:15:12
  • Zuletzt bearbeitet 04.03.2025 19:15:36

A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.

7.5

CVE-2020-12100

Exploit
  • EPSS 19.61%
  • Veröffentlicht 12.08.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:14

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.

7.5

CVE-2020-12673

Exploit
  • EPSS 5.63%
  • Veröffentlicht 12.08.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:02

In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.

7.5

CVE-2020-12674

Exploit
  • EPSS 25.8%
  • Veröffentlicht 12.08.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:02

In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.

4.3

CVE-2020-17489

Exploit
  • EPSS 0.15%
  • Veröffentlicht 11.08.2020 21:15:10
  • Zuletzt bearbeitet 21.11.2024 05:08:13

An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password show...