Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.77%
  • Veröffentlicht 19.08.2014 18:55:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUT...

  • EPSS 0.37%
  • Veröffentlicht 18.08.2014 11:15:27
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox...

Exploit
  • EPSS 0.89%
  • Veröffentlicht 18.08.2014 11:15:27
  • Zuletzt bearbeitet 06.05.2026 22:30:45

fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with back...

  • EPSS 56.38%
  • Veröffentlicht 06.08.2014 18:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the u...

  • EPSS 5.79%
  • Veröffentlicht 01.08.2014 11:13:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an assoc...

Exploit
  • EPSS 5.41%
  • Veröffentlicht 29.07.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bo...

  • EPSS 0.32%
  • Veröffentlicht 29.07.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-...

  • EPSS 0.36%
  • Veröffentlicht 29.07.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.

  • EPSS 2.91%
  • Veröffentlicht 29.07.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.

  • EPSS 0.27%
  • Veröffentlicht 24.07.2014 14:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.