Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-3165

  • EPSS 9.71%
  • Veröffentlicht 28.05.2015 14:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the auth...

9.3

CVE-2015-3331

  • EPSS 4.09%
  • Veröffentlicht 27.05.2015 10:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of serv...

1.9

CVE-2015-2830

  • EPSS 0.04%
  • Veröffentlicht 27.05.2015 10:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the...

4.3

CVE-2015-4000

  • EPSS 93.9%
  • Veröffentlicht 21.05.2015 00:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie...

7.2

CVE-2015-3409

  • EPSS 0.06%
  • Veröffentlicht 19.05.2015 18:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.

10

CVE-2015-3408

  • EPSS 3.93%
  • Veröffentlicht 19.05.2015 18:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.

5

CVE-2015-3407

  • EPSS 0.36%
  • Veröffentlicht 19.05.2015 18:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files.

5

CVE-2015-3451

  • EPSS 4.98%
  • Veröffentlicht 12.05.2015 19:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.

5

CVE-2015-2668

  • EPSS 0.77%
  • Veröffentlicht 12.05.2015 19:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.

5

CVE-2015-2222

  • EPSS 0.77%
  • Veröffentlicht 12.05.2015 19:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.