Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2020-5973

  • EPSS 0.05%
  • Veröffentlicht 30.06.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:34:55

NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x ...

9.8

CVE-2017-18922

  • EPSS 4.78%
  • Veröffentlicht 30.06.2020 11:15:10
  • Zuletzt bearbeitet 21.11.2024 03:21:16

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overf...

5.5

CVE-2020-15393

  • EPSS 0.09%
  • Veröffentlicht 29.06.2020 22:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:28

In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.

7.5

CVE-2020-4067

  • EPSS 1.1%
  • Veröffentlicht 29.06.2020 20:15:10
  • Zuletzt bearbeitet 21.11.2024 05:32:14

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligent...

5.5

CVE-2020-15358

Exploit
  • EPSS 0.04%
  • Veröffentlicht 27.06.2020 12:15:11
  • Zuletzt bearbeitet 21.11.2024 05:05:24

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

7.5

CVE-2020-11996

  • EPSS 39.41%
  • Veröffentlicht 26.06.2020 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:59:04

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTT...

6.5

CVE-2020-10753

  • EPSS 0.41%
  • Veröffentlicht 26.06.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:59

A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file genera...

5.5

CVE-2020-15305

  • EPSS 0.11%
  • Veröffentlicht 26.06.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:17

An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.

5.5

CVE-2020-15306

  • EPSS 0.13%
  • Veröffentlicht 26.06.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:17

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.

4.7

CVE-2020-5967

  • EPSS 0.04%
  • Veröffentlicht 25.06.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 05:34:55

NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service.