Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.35%
  • Veröffentlicht 18.08.2013 02:52:22
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof ar...

Exploit
  • EPSS 2.63%
  • Veröffentlicht 15.08.2013 17:55:24
  • Zuletzt bearbeitet 29.04.2026 01:13:23

bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef....

Exploit
  • EPSS 4.41%
  • Veröffentlicht 14.08.2013 15:55:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-...

  • EPSS 69.01%
  • Veröffentlicht 06.08.2013 02:56:00
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

Exploit
  • EPSS 11.12%
  • Veröffentlicht 31.07.2013 13:20:25
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string endi...

  • EPSS 2.81%
  • Veröffentlicht 31.07.2013 13:20:24
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.

  • EPSS 3.89%
  • Veröffentlicht 31.07.2013 13:20:24
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.

  • EPSS 24.74%
  • Veröffentlicht 23.07.2013 11:03:19
  • Zuletzt bearbeitet 29.04.2026 01:13:23

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Ja...

  • EPSS 4.31%
  • Veröffentlicht 18.07.2013 16:51:40
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly handled in a "Keep ...

  • EPSS 3.09%
  • Veröffentlicht 17.07.2013 13:41:16
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.