Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 88.9%
  • Veröffentlicht 25.02.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:39:27

OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the se...

  • EPSS 0.73%
  • Veröffentlicht 25.02.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:31

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

  • EPSS 9.39%
  • Veröffentlicht 24.02.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 05:11:38

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smug...

Exploit
  • EPSS 1.36%
  • Veröffentlicht 24.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 05:38:21

There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.

  • EPSS 3.54%
  • Veröffentlicht 24.02.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 02:40:53

add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading ...

  • EPSS 3.68%
  • Veröffentlicht 21.02.2020 22:15:10
  • Zuletzt bearbeitet 21.11.2024 05:40:25

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

Exploit
  • EPSS 0.51%
  • Veröffentlicht 20.02.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 01:33:17

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

  • EPSS 2.25%
  • Veröffentlicht 20.02.2020 07:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:23

archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact.

  • EPSS 0.39%
  • Veröffentlicht 20.02.2020 04:15:10
  • Zuletzt bearbeitet 21.11.2024 01:28:24

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

  • EPSS 8.8%
  • Veröffentlicht 19.02.2020 21:15:11
  • Zuletzt bearbeitet 13.08.2025 20:48:07

Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as dem...