Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Warnung Exploit
  • EPSS 83.52%
  • Veröffentlicht 10.11.2016 21:59:00
  • Zuletzt bearbeitet 21.04.2026 17:43:46

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc...

  • EPSS 0.43%
  • Veröffentlicht 16.10.2016 21:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow)...

Exploit
  • EPSS 0.63%
  • Veröffentlicht 13.10.2016 14:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.

  • EPSS 24.3%
  • Veröffentlicht 10.10.2016 11:00:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

  • EPSS 6.13%
  • Veröffentlicht 03.10.2016 18:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.

Exploit
  • EPSS 3.86%
  • Veröffentlicht 03.10.2016 18:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.

Exploit
  • EPSS 1.61%
  • Veröffentlicht 03.10.2016 18:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.

Exploit
  • EPSS 1.64%
  • Veröffentlicht 03.10.2016 18:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable.

  • EPSS 8.58%
  • Veröffentlicht 03.10.2016 15:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot.

Exploit
  • EPSS 4.71%
  • Veröffentlicht 27.09.2016 15:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string.