Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.19%
  • Veröffentlicht 28.07.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:06:24

A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and...

  • EPSS 1.47%
  • Veröffentlicht 27.07.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:04:48

In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindl...

Exploit
  • EPSS 7.79%
  • Veröffentlicht 22.07.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:35:52

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

Exploit
  • EPSS 2.86%
  • Veröffentlicht 21.07.2020 22:15:12
  • Zuletzt bearbeitet 03.11.2025 19:15:39

LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled.

  • EPSS 3.2%
  • Veröffentlicht 20.07.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:31:09

A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to...

  • EPSS 4.56%
  • Veröffentlicht 17.07.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:02:19

The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins w...

Exploit
  • EPSS 2.81%
  • Veröffentlicht 17.07.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:04:27

evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."

  • EPSS 1.31%
  • Veröffentlicht 15.07.2020 22:15:14
  • Zuletzt bearbeitet 21.11.2024 05:06:09

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

  • EPSS 0.51%
  • Veröffentlicht 15.07.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 04:39:39

An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.

  • EPSS 1.99%
  • Veröffentlicht 15.07.2020 18:15:34
  • Zuletzt bearbeitet 21.11.2024 05:03:55

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m...