Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-6484

Exploit
  • EPSS 0.42%
  • Veröffentlicht 01.02.2018 05:29:00
  • Zuletzt bearbeitet 10.07.2025 15:44:54

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

5.5

CVE-2017-18043

  • EPSS 0.13%
  • Veröffentlicht 31.01.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:14

Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).

7.8

CVE-2018-1000001

Exploit
  • EPSS 33.68%
  • Veröffentlicht 31.01.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:23

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

6.5

CVE-2018-6405

Exploit
  • EPSS 0.76%
  • Veröffentlicht 30.01.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:38

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to ...

6.5

CVE-2018-6381

Exploit
  • EPSS 0.32%
  • Veröffentlicht 29.01.2018 17:29:00
  • Zuletzt bearbeitet 10.07.2025 15:44:54

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size v...

7.8

CVE-2017-18079

  • EPSS 0.03%
  • Veröffentlicht 29.01.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:19

drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is va...

5.5

CVE-2018-5750

  • EPSS 0.04%
  • Veröffentlicht 26.01.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:18

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

7.5

CVE-2017-15132

  • EPSS 1.46%
  • Veröffentlicht 25.01.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:08

A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are re...

7.5

CVE-2018-6196

Exploit
  • EPSS 0.59%
  • Veröffentlicht 25.01.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:16

w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.

7.5

CVE-2018-6197

Exploit
  • EPSS 1.15%
  • Veröffentlicht 25.01.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:16

w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.