Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2011-2725

Exploit
  • EPSS 0.38%
  • Veröffentlicht 04.02.2014 23:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.

1.2

CVE-2013-6891

Exploit
  • EPSS 0.05%
  • Veröffentlicht 26.01.2014 01:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.

6.8

CVE-2013-0339

Exploit
  • EPSS 2.39%
  • Veröffentlicht 21.01.2014 18:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource cons...

2.6

CVE-2013-2037

Exploit
  • EPSS 0.49%
  • Veröffentlicht 18.01.2014 21:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle a...

5

CVE-2013-6425

  • EPSS 3%
  • Veröffentlicht 18.01.2014 19:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.

5

CVE-2013-6424

  • EPSS 6.84%
  • Veröffentlicht 18.01.2014 19:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.

4

CVE-2014-0412

  • EPSS 0.41%
  • Veröffentlicht 15.01.2014 16:08:10
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

2.8

CVE-2014-0420

  • EPSS 0.64%
  • Veröffentlicht 15.01.2014 16:08:10
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication.

3.5

CVE-2014-0437

  • EPSS 0.38%
  • Veröffentlicht 15.01.2014 16:08:10
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

4

CVE-2014-0401

  • EPSS 0.41%
  • Veröffentlicht 15.01.2014 16:08:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.