Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 9.35%
  • Veröffentlicht 25.04.2016 00:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade att...

  • EPSS 2.58%
  • Veröffentlicht 25.04.2016 00:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certific...

  • EPSS 2.9%
  • Veröffentlicht 25.04.2016 00:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive sessi...

  • EPSS 8.31%
  • Veröffentlicht 25.04.2016 00:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove app...

  • EPSS 19.1%
  • Veröffentlicht 25.04.2016 00:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consum...

  • EPSS 0.76%
  • Veröffentlicht 21.04.2016 14:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via...

Warnung
  • EPSS 92.33%
  • Veröffentlicht 21.04.2016 11:00:21
  • Zuletzt bearbeitet 22.04.2026 13:41:41

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

  • EPSS 1.46%
  • Veröffentlicht 21.04.2016 10:59:32
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.

  • EPSS 1.03%
  • Veröffentlicht 21.04.2016 10:59:29
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption.

  • EPSS 1.2%
  • Veröffentlicht 21.04.2016 10:59:27
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options.