Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.76%
  • Veröffentlicht 22.05.2014 23:55:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT...

  • EPSS 4.84%
  • Veröffentlicht 21.05.2014 14:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.

  • EPSS 3.12%
  • Veröffentlicht 16.05.2014 15:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as de...

  • EPSS 2.55%
  • Veröffentlicht 16.05.2014 15:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the ca...

  • EPSS 0.44%
  • Veröffentlicht 15.05.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file ...

  • EPSS 4.36%
  • Veröffentlicht 15.05.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, ...

  • EPSS 4.36%
  • Veröffentlicht 15.05.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, wh...

  • EPSS 0.63%
  • Veröffentlicht 14.05.2014 00:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository.

  • EPSS 0.55%
  • Veröffentlicht 11.05.2014 21:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that req...

Exploit
  • EPSS 0.6%
  • Veröffentlicht 11.05.2014 21:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows loc...