Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 3.1%
  • Veröffentlicht 22.03.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:34

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

  • EPSS 0.42%
  • Veröffentlicht 21.03.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:39

fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.

  • EPSS 1.13%
  • Veröffentlicht 20.03.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:31

Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.

  • EPSS 0.53%
  • Veröffentlicht 20.03.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:23

Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicio...

  • EPSS 2.14%
  • Veröffentlicht 20.03.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:45

GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have bee...

  • EPSS 3.83%
  • Veröffentlicht 20.03.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:21

WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.

  • EPSS 0.45%
  • Veröffentlicht 16.03.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:06

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

Exploit
  • EPSS 1.53%
  • Veröffentlicht 15.03.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:38

An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.

Exploit
  • EPSS 1.71%
  • Veröffentlicht 15.03.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:38

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles...

Exploit
  • EPSS 1.7%
  • Veröffentlicht 15.03.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:38

An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.