Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 84.93%
  • Veröffentlicht 04.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

  • EPSS 93.31%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.

Exploit
  • EPSS 83.64%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.

  • EPSS 67.55%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

  • EPSS 84.32%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.

  • EPSS 66.35%
  • Veröffentlicht 03.10.2017 01:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

  • EPSS 65.41%
  • Veröffentlicht 03.10.2017 01:29:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platf...

Exploit
  • EPSS 1.07%
  • Veröffentlicht 29.09.2017 01:34:49
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

Exploit
  • EPSS 1.07%
  • Veröffentlicht 29.09.2017 01:34:49
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

Exploit
  • EPSS 1.07%
  • Veröffentlicht 29.09.2017 01:34:49
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.