Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-4761

  • EPSS 0.47%
  • Veröffentlicht 22.01.2020 19:15:10
  • Zuletzt bearbeitet 21.11.2024 02:52:54

WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS

7.5

CVE-2020-7595

  • EPSS 0.47%
  • Veröffentlicht 21.01.2020 23:15:13
  • Zuletzt bearbeitet 03.12.2025 16:15:54

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

9.3

CVE-2020-7040

  • EPSS 5.19%
  • Veröffentlicht 21.01.2020 21:15:16
  • Zuletzt bearbeitet 21.11.2024 05:36:32

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of sto...

5.5

CVE-2019-14902

  • EPSS 3.5%
  • Veröffentlicht 21.01.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:27:39

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on a...

6.5

CVE-2019-14907

  • EPSS 10.24%
  • Veröffentlicht 21.01.2020 18:15:12
  • Zuletzt bearbeitet 14.01.2025 19:29:55

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such st...

6.5

CVE-2019-19344

  • EPSS 2.31%
  • Veröffentlicht 21.01.2020 18:15:12
  • Zuletzt bearbeitet 14.01.2025 19:29:55

There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the ori...

2.4

CVE-2019-20386

  • EPSS 0.15%
  • Veröffentlicht 21.01.2020 06:15:11
  • Zuletzt bearbeitet 09.06.2025 16:15:30

An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.

5.5

CVE-2019-14615

  • EPSS 5.01%
  • Veröffentlicht 17.01.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:27:02

Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.

9.8

CVE-2019-17361

  • EPSS 18.52%
  • Veröffentlicht 17.01.2020 02:15:11
  • Zuletzt bearbeitet 21.11.2024 04:32:10

In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.

7.1

CVE-2019-15961

Exploit
  • EPSS 2.22%
  • Veröffentlicht 15.01.2020 19:15:13
  • Zuletzt bearbeitet 21.11.2024 04:29:49

A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to...