Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.82%
  • Veröffentlicht 07.01.2015 19:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.

  • EPSS 0.36%
  • Veröffentlicht 07.01.2015 19:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

cmanager 0.32 does not properly enforce nesting when modifying cgroup properties, which allows local users to set cgroup values for all cgroups via unspecified vectors.

  • EPSS 22.02%
  • Veröffentlicht 29.12.2014 23:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows rem...

  • EPSS 5.15%
  • Veröffentlicht 29.12.2014 00:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.

  • EPSS 0.39%
  • Veröffentlicht 19.12.2014 15:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.

  • EPSS 5.93%
  • Veröffentlicht 17.12.2014 19:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.

  • EPSS 4.43%
  • Veröffentlicht 17.12.2014 19:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.

Exploit
  • EPSS 1.45%
  • Veröffentlicht 17.12.2014 11:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access t...

  • EPSS 4.97%
  • Veröffentlicht 16.12.2014 23:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via...

Exploit
  • EPSS 2.9%
  • Veröffentlicht 16.12.2014 18:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.