Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.29%
  • Veröffentlicht 20.10.2014 17:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors rela...

  • EPSS 4.95%
  • Veröffentlicht 16.10.2014 00:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.

  • EPSS 2.2%
  • Veröffentlicht 15.10.2014 14:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.

  • EPSS 0.46%
  • Veröffentlicht 13.10.2014 10:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss ...

Exploit
  • EPSS 0.67%
  • Veröffentlicht 13.10.2014 10:55:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in bo...

  • EPSS 13.45%
  • Veröffentlicht 10.10.2014 10:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP...

  • EPSS 0.47%
  • Veröffentlicht 08.10.2014 19:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.

Exploit
  • EPSS 4.28%
  • Veröffentlicht 07.10.2014 14:55:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file.

Exploit
  • EPSS 4.62%
  • Veröffentlicht 07.10.2014 14:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB f...

  • EPSS 5.54%
  • Veröffentlicht 06.10.2014 14:55:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) Palm...