Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.13%
  • Veröffentlicht 09.11.2015 03:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field...

  • EPSS 4.54%
  • Veröffentlicht 09.11.2015 03:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mis...

  • EPSS 6.24%
  • Veröffentlicht 09.11.2015 03:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that...

  • EPSS 3.5%
  • Veröffentlicht 06.11.2015 21:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_...

  • EPSS 6.07%
  • Veröffentlicht 06.11.2015 18:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.

  • EPSS 7.18%
  • Veröffentlicht 06.11.2015 18:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value...

Exploit
  • EPSS 4.78%
  • Veröffentlicht 02.11.2015 19:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversiz...

Medienbericht
  • EPSS 19.31%
  • Veröffentlicht 27.10.2015 16:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang)...

  • EPSS 5.8%
  • Veröffentlicht 26.10.2015 17:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which trig...

  • EPSS 5.05%
  • Veröffentlicht 26.10.2015 14:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (...