Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.68%
  • Veröffentlicht 12.02.2016 05:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a ...

  • EPSS 3.65%
  • Veröffentlicht 08.02.2016 03:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and us...

  • EPSS 0.39%
  • Veröffentlicht 08.02.2016 03:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

  • EPSS 0.42%
  • Veröffentlicht 08.02.2016 03:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/ke...

  • EPSS 0.56%
  • Veröffentlicht 08.02.2016 03:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_v...

  • EPSS 1.93%
  • Veröffentlicht 31.01.2016 18:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.

  • EPSS 9.33%
  • Veröffentlicht 29.01.2016 20:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.

  • EPSS 3.74%
  • Veröffentlicht 27.01.2016 20:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly ver...

  • EPSS 0.37%
  • Veröffentlicht 22.01.2016 15:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.

  • EPSS 3.8%
  • Veröffentlicht 21.01.2016 03:02:39
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.