Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 14.62%
  • Veröffentlicht 15.01.2016 03:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of...

Exploit
  • EPSS 13.02%
  • Veröffentlicht 15.01.2016 03:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary lin...

  • EPSS 76.45%
  • Veröffentlicht 14.01.2016 22:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.

  • EPSS 3.12%
  • Veröffentlicht 13.01.2016 15:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted st...

  • EPSS 7.39%
  • Veröffentlicht 12.01.2016 19:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

  • EPSS 2.88%
  • Veröffentlicht 09.01.2016 02:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it e...

  • EPSS 6.66%
  • Veröffentlicht 08.01.2016 20:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.

  • EPSS 3.13%
  • Veröffentlicht 29.12.2015 22:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, wh...

  • EPSS 7.12%
  • Veröffentlicht 29.12.2015 22:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via cra...

  • EPSS 13.58%
  • Veröffentlicht 29.12.2015 22:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote att...