Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 7.26%
  • Veröffentlicht 29.12.2015 22:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-s...

Exploit
  • EPSS 13.27%
  • Veröffentlicht 29.12.2015 22:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points o...

  • EPSS 10.17%
  • Veröffentlicht 17.12.2015 19:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.

  • EPSS 0.59%
  • Veröffentlicht 17.12.2015 19:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS...

Exploit
  • EPSS 5.91%
  • Veröffentlicht 15.12.2015 21:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds ...

  • EPSS 4.27%
  • Veröffentlicht 15.12.2015 21:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive informati...

  • EPSS 5.44%
  • Veröffentlicht 15.12.2015 21:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML dat...

  • EPSS 5.92%
  • Veröffentlicht 15.12.2015 21:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.

  • EPSS 6.46%
  • Veröffentlicht 15.12.2015 21:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.

  • EPSS 7.02%
  • Veröffentlicht 15.12.2015 21:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.