CVE-2017-0901
- EPSS 18.56%
- Published 31.08.2017 20:29:00
- Last modified 20.04.2025 01:37:25
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
CVE-2017-0902
- EPSS 5.21%
- Published 31.08.2017 20:29:00
- Last modified 20.04.2025 01:37:25
RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.
CVE-2017-14064
- EPSS 1.21%
- Published 31.08.2017 17:29:00
- Last modified 20.04.2025 01:37:25
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issue lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning...
CVE-2017-14060
- EPSS 0.48%
- Published 31.08.2017 15:29:00
- Last modified 20.04.2025 01:37:25
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c f...
CVE-2017-13768
- EPSS 0.88%
- Published 30.08.2017 09:29:00
- Last modified 20.04.2025 01:37:25
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVE-2017-13769
- EPSS 0.53%
- Published 30.08.2017 09:29:00
- Last modified 20.04.2025 01:37:25
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
CVE-2017-12877
- EPSS 1.19%
- Published 28.08.2017 19:29:00
- Last modified 20.04.2025 01:37:25
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CVE-2014-9637
- EPSS 0.38%
- Published 25.08.2017 18:29:00
- Last modified 20.04.2025 01:37:25
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
CVE-2015-1324
- EPSS 0.11%
- Published 25.08.2017 18:29:00
- Last modified 20.04.2025 01:37:25
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local user...
- EPSS 0.38%
- Published 25.08.2017 18:29:00
- Last modified 03.11.2025 20:15:41
Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LT...