Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.77%
  • Veröffentlicht 06.07.2015 02:01:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact ...

  • EPSS 3.77%
  • Veröffentlicht 06.07.2015 02:01:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archiv...

  • EPSS 2.65%
  • Veröffentlicht 06.07.2015 02:01:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, whic...

  • EPSS 5.87%
  • Veröffentlicht 06.07.2015 02:00:55
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and appli...

Exploit
  • EPSS 3.28%
  • Veröffentlicht 06.07.2015 02:00:49
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS sta...

  • EPSS 1.44%
  • Veröffentlicht 01.07.2015 14:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload an...

  • EPSS 2.62%
  • Veröffentlicht 25.06.2015 16:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.

  • EPSS 2.39%
  • Veröffentlicht 16.06.2015 16:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via...

  • EPSS 9.67%
  • Veröffentlicht 15.06.2015 15:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

  • EPSS 2.03%
  • Veröffentlicht 10.06.2015 18:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is...