Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.37%
  • Veröffentlicht 03.10.2013 21:55:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitU...

  • EPSS 0.38%
  • Veröffentlicht 03.10.2013 21:55:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSub...

  • EPSS 0.37%
  • Veröffentlicht 03.10.2013 21:55:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a ...

  • EPSS 0.38%
  • Veröffentlicht 03.10.2013 21:55:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

language-selector 0.110.x before 0.110.1, 0.90.x before 0.90.1, and 0.79.x before 0.79.4 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnix...

  • EPSS 8.72%
  • Veröffentlicht 01.10.2013 17:55:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The vino_server_client_data_pending function in vino-server.c in GNOME Vino 2.26.1, 2.32.1, 3.7.3, and earlier, and 3.8 when encryption is disabled, does not properly clear client data when an error causes the connection to close during authenticatio...

  • EPSS 3.93%
  • Veröffentlicht 30.09.2013 22:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecifie...

  • EPSS 1.89%
  • Veröffentlicht 30.09.2013 22:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.

  • EPSS 2.68%
  • Veröffentlicht 30.09.2013 21:55:09
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized po...

  • EPSS 1.2%
  • Veröffentlicht 30.09.2013 21:55:09
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a craft...

  • EPSS 0.36%
  • Veröffentlicht 25.09.2013 10:31:29
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call.