Canonical

Ubuntu Linux

4108 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2017-13088

  • EPSS 1.11%
  • Veröffentlicht 17.10.2017 13:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to repl...

6.8

CVE-2017-13077

  • EPSS 0.66%
  • Veröffentlicht 17.10.2017 02:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

9.8

CVE-2017-12629

Exploit
  • EPSS 93.89%
  • Veröffentlicht 14.10.2017 23:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is N...

5.5

CVE-2017-15298

Exploit
  • EPSS 0.45%
  • Veröffentlicht 14.10.2017 22:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected pro...

8.8

CVE-2017-15281

  • EPSS 0.59%
  • Veröffentlicht 12.10.2017 08:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised v...

8.8

CVE-2017-2888

Exploit
  • EPSS 1.63%
  • Veröffentlicht 11.10.2017 18:29:05
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential...

9.8

CVE-2017-0903

  • EPSS 5.55%
  • Veröffentlicht 11.10.2017 18:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalat...

6.5

CVE-2017-15217

  • EPSS 0.53%
  • Veröffentlicht 10.10.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

6.5

CVE-2017-15218

  • EPSS 0.25%
  • Veröffentlicht 10.10.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.

6.5

CVE-2014-9092

  • EPSS 1.58%
  • Veröffentlicht 10.10.2017 13:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.