Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.76%
  • Veröffentlicht 13.06.2016 19:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of a...

  • EPSS 2.93%
  • Veröffentlicht 13.06.2016 19:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data.

  • EPSS 1.87%
  • Veröffentlicht 13.06.2016 19:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

  • EPSS 1.87%
  • Veröffentlicht 13.06.2016 19:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

  • EPSS 2.15%
  • Veröffentlicht 13.06.2016 19:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

  • EPSS 3.81%
  • Veröffentlicht 13.06.2016 19:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity d...

  • EPSS 2.99%
  • Veröffentlicht 13.06.2016 14:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.

  • EPSS 3.38%
  • Veröffentlicht 13.06.2016 10:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

  • EPSS 1.37%
  • Veröffentlicht 13.06.2016 10:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.

  • EPSS 1.49%
  • Veröffentlicht 13.06.2016 10:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.