CVE-2012-3954
- EPSS 4.33%
- Veröffentlicht 25.07.2012 10:42:35
- Zuletzt bearbeitet 16.06.2026 23:44:07
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
CVE-2012-0876
- EPSS 5.72%
- Veröffentlicht 03.07.2012 19:55:02
- Zuletzt bearbeitet 16.06.2026 23:38:26
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file wit...
- EPSS 1.78%
- Veröffentlicht 19.06.2012 20:55:05
- Zuletzt bearbeitet 16.06.2026 23:38:33
The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by vie...
CVE-2011-4408
- EPSS 1.24%
- Veröffentlicht 16.06.2012 00:55:05
- Zuletzt bearbeitet 16.06.2026 23:34:52
The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or read sensitive data via a man-in-the-middle (MITM) at...
CVE-2011-4409
- EPSS 1.76%
- Veröffentlicht 16.06.2012 00:55:05
- Zuletzt bearbeitet 16.06.2026 23:34:52
The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle (MITM) attack.
CVE-2011-3193
- EPSS 7.54%
- Veröffentlicht 16.06.2012 00:55:03
- Zuletzt bearbeitet 16.06.2026 23:32:51
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a craft...
CVE-2012-0948
- EPSS 0.35%
- Veröffentlicht 07.06.2012 21:55:02
- Zuletzt bearbeitet 16.06.2026 23:38:33
DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows local users to obtain repository credentials.
CVE-2012-1610
- EPSS 4.75%
- Veröffentlicht 05.06.2012 22:55:10
- Zuletzt bearbeitet 16.06.2026 23:39:51
Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: th...
CVE-2012-1185
- EPSS 29.68%
- Veröffentlicht 05.06.2012 22:55:09
- Zuletzt bearbeitet 16.06.2026 23:39:12
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the R...
CVE-2012-1186
- EPSS 1.88%
- Veröffentlicht 05.06.2012 22:55:09
- Zuletzt bearbeitet 16.06.2026 23:39:12
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exis...