Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.3%
  • Veröffentlicht 26.11.2019 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:23:01

An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypasse...

  • EPSS 20.25%
  • Veröffentlicht 26.11.2019 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:23:02

An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the ...

  • EPSS 3.33%
  • Veröffentlicht 25.11.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:34:24

sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.

  • EPSS 2.94%
  • Veröffentlicht 25.11.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:34:24

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.

  • EPSS 0.37%
  • Veröffentlicht 25.11.2019 12:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:26

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to inter...

Exploit
  • EPSS 0.66%
  • Veröffentlicht 21.11.2019 23:15:13
  • Zuletzt bearbeitet 21.11.2024 04:34:21

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.

Exploit
  • EPSS 2.58%
  • Veröffentlicht 21.11.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 01:41:05

mono 2.10.x ASP.NET Web Form Hash collision DoS

Exploit
  • EPSS 0.73%
  • Veröffentlicht 21.11.2019 02:15:23
  • Zuletzt bearbeitet 21.11.2024 04:34:02

__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: ...

  • EPSS 4.61%
  • Veröffentlicht 20.11.2019 21:15:11
  • Zuletzt bearbeitet 21.11.2024 02:28:48

The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have ...

  • EPSS 3.97%
  • Veröffentlicht 20.11.2019 21:15:11
  • Zuletzt bearbeitet 21.11.2024 02:28:48

contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via...