Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.45%
  • Veröffentlicht 15.06.2013 19:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.

  • EPSS 1.4%
  • Veröffentlicht 15.06.2013 19:55:00
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInf...

  • EPSS 24.89%
  • Veröffentlicht 10.06.2013 17:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containi...

  • EPSS 1.02%
  • Veröffentlicht 07.06.2013 14:03:20
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including fo...

  • EPSS 6.49%
  • Veröffentlicht 29.05.2013 14:29:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a for...

  • EPSS 0.95%
  • Veröffentlicht 21.05.2013 18:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or (3) the expiration date of the X.509 certificate, which allows man-in-the-middl...

Warnung Exploit
  • EPSS 6.7%
  • Veröffentlicht 16.05.2013 11:45:30
  • Zuletzt bearbeitet 22.04.2026 16:42:11

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale funct...

  • EPSS 3.55%
  • Veröffentlicht 13.05.2013 23:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-...

  • EPSS 3.5%
  • Veröffentlicht 13.05.2013 23:55:02
  • Zuletzt bearbeitet 29.04.2026 01:13:23

pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.

  • EPSS 0.38%
  • Veröffentlicht 13.05.2013 23:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading pas...