Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.43%
  • Veröffentlicht 08.02.2020 05:15:13
  • Zuletzt bearbeitet 21.11.2024 04:21:10

Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

  • EPSS 0.26%
  • Veröffentlicht 08.02.2020 05:15:13
  • Zuletzt bearbeitet 21.11.2024 04:21:10

Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.

  • EPSS 0.44%
  • Veröffentlicht 08.02.2020 05:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:10

Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.

  • EPSS 2.49%
  • Veröffentlicht 07.02.2020 21:15:10
  • Zuletzt bearbeitet 21.11.2024 05:11:11

A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw c...

  • EPSS 3.54%
  • Veröffentlicht 06.02.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 02:05:21

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

  • EPSS 11.06%
  • Veröffentlicht 06.02.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 02:05:29

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld...

Exploit
  • EPSS 4.51%
  • Veröffentlicht 06.02.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 03:02:01

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XM...

Exploit
  • EPSS 0.66%
  • Veröffentlicht 06.02.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:39:11

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

  • EPSS 2.6%
  • Veröffentlicht 05.02.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:30:22

A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability ...

  • EPSS 10.49%
  • Veröffentlicht 04.02.2020 21:15:10
  • Zuletzt bearbeitet 21.11.2024 04:23:02

An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.