Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.25%
  • Veröffentlicht 07.09.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain s...

Exploit
  • EPSS 2.12%
  • Veröffentlicht 07.09.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain suf...

  • EPSS 3.34%
  • Veröffentlicht 06.09.2017 18:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_fo...

  • EPSS 1.91%
  • Veröffentlicht 01.09.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

Exploit
  • EPSS 2.95%
  • Veröffentlicht 01.09.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.

Exploit
  • EPSS 2.91%
  • Veröffentlicht 01.09.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.

Exploit
  • EPSS 29.44%
  • Veröffentlicht 31.08.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.

Exploit
  • EPSS 4.75%
  • Veröffentlicht 31.08.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.

Exploit
  • EPSS 9.45%
  • Veröffentlicht 31.08.2017 17:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning...

  • EPSS 1.61%
  • Veröffentlicht 31.08.2017 15:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c f...