Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.11%
  • Veröffentlicht 03.02.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:57

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only ...

  • EPSS 0.4%
  • Veröffentlicht 02.02.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:12:18

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileg...

  • EPSS 0.36%
  • Veröffentlicht 02.02.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:12:18

Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root priv...

  • EPSS 0.45%
  • Veröffentlicht 02.02.2018 14:29:00
  • Zuletzt bearbeitet 03.11.2025 20:15:41

Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain...

Exploit
  • EPSS 2.31%
  • Veröffentlicht 02.02.2018 09:29:00
  • Zuletzt bearbeitet 10.07.2025 15:44:54

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

Exploit
  • EPSS 2.31%
  • Veröffentlicht 02.02.2018 09:29:00
  • Zuletzt bearbeitet 10.07.2025 15:44:54

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service...

Exploit
  • EPSS 2.24%
  • Veröffentlicht 01.02.2018 05:29:00
  • Zuletzt bearbeitet 10.07.2025 15:44:54

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

  • EPSS 0.44%
  • Veröffentlicht 31.01.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:14

Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).

Exploit
  • EPSS 13.37%
  • Veröffentlicht 31.01.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:23

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

Exploit
  • EPSS 1.67%
  • Veröffentlicht 30.01.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:38

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to ...