Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 88.37%
  • Veröffentlicht 05.03.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:40

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification...

  • EPSS 2.6%
  • Veröffentlicht 02.03.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:07

A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups, leading to excessive memory usage and the process to restart.

  • EPSS 14.14%
  • Veröffentlicht 02.03.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:05

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 ar...

  • EPSS 3.5%
  • Veröffentlicht 02.03.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:06

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty Tar...

  • EPSS 2.92%
  • Veröffentlicht 01.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:34

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

  • EPSS 3.97%
  • Veröffentlicht 01.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:34

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.

Exploit
  • EPSS 87.61%
  • Veröffentlicht 01.03.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:25

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This ...

  • EPSS 0.61%
  • Veröffentlicht 01.03.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:20

The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or ...

  • EPSS 17.38%
  • Veröffentlicht 28.02.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:35

The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definiti...

  • EPSS 2.74%
  • Veröffentlicht 27.02.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 02:03:27

In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.