Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 19.63%
  • Veröffentlicht 09.06.2009 17:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:10

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler re...

Exploit
  • EPSS 52.99%
  • Veröffentlicht 08.06.2009 01:00:00
  • Zuletzt bearbeitet 16.06.2026 23:08:25

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via ...

Exploit
  • EPSS 12.04%
  • Veröffentlicht 08.06.2009 01:00:00
  • Zuletzt bearbeitet 16.06.2026 23:08:26

Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.

Exploit
  • EPSS 0.59%
  • Veröffentlicht 08.06.2009 01:00:00
  • Zuletzt bearbeitet 16.06.2026 23:08:27

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of ...

Exploit
  • EPSS 80.13%
  • Veröffentlicht 04.06.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:07:10

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

  • EPSS 10.25%
  • Veröffentlicht 04.06.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:07:10

The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a...

  • EPSS 3.03%
  • Veröffentlicht 28.05.2009 20:30:00
  • Zuletzt bearbeitet 16.06.2026 23:07:41

Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to U...

Exploit
  • EPSS 12.75%
  • Veröffentlicht 19.05.2009 19:30:00
  • Zuletzt bearbeitet 16.06.2026 23:07:09

Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or ...

Exploit
  • EPSS 0.49%
  • Veröffentlicht 14.05.2009 17:30:00
  • Zuletzt bearbeitet 16.06.2026 23:07:40

The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass pe...

  • EPSS 12.38%
  • Veröffentlicht 23.04.2009 17:30:01
  • Zuletzt bearbeitet 16.06.2026 23:06:42

mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.