Canonical

Ubuntu Linux

4108 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2014-9846

  • EPSS 2.72%
  • Veröffentlicht 20.03.2017 16:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.

5.5

CVE-2014-9853

  • EPSS 0.19%
  • Veröffentlicht 17.03.2017 14:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

7.5

CVE-2014-9854

  • EPSS 1.94%
  • Veröffentlicht 17.03.2017 14:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

7.5

CVE-2017-6960

  • EPSS 0.36%
  • Veröffentlicht 17.03.2017 09:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable.

6.9

CVE-2017-6590

Exploit
  • EPSS 0.1%
  • Veröffentlicht 09.03.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary c...

7.8

CVE-2017-5669

  • EPSS 0.06%
  • Veröffentlicht 24.02.2017 15:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for ...

7.5

CVE-2016-10109

  • EPSS 7.05%
  • Veröffentlicht 23.02.2017 20:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.

7.5

CVE-2017-6056

  • EPSS 13.83%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backportin...

9.8

CVE-2015-8768

  • EPSS 1.59%
  • Veröffentlicht 13.02.2017 18:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote attackers to install an alternate security policy and gain privileges via a crafted package, as demonstrated by the test...

8.8

CVE-2016-3616

  • EPSS 1.6%
  • Veröffentlicht 13.02.2017 18:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.