Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2019-18683

Exploit
  • EPSS 1%
  • Veröffentlicht 04.11.2019 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:31

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. ...

9.8

CVE-2019-13508

  • EPSS 0.57%
  • Veröffentlicht 31.10.2019 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:25:02

FreeTDS through 1.1.11 has a Buffer Overflow.

7.5

CVE-2019-15681

  • EPSS 6.19%
  • Veröffentlicht 29.10.2019 19:15:18
  • Zuletzt bearbeitet 21.11.2024 04:29:15

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can ...

9.8

CVE-2019-11043

Warnung Exploit
  • EPSS 94.11%
  • Veröffentlicht 28.10.2019 15:15:13
  • Zuletzt bearbeitet 03.11.2025 19:23:46

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the p...

7.5

CVE-2019-18408

  • EPSS 4.59%
  • Veröffentlicht 24.10.2019 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:12

archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.

5.4

CVE-2019-15587

  • EPSS 3.03%
  • Veröffentlicht 22.10.2019 21:15:10
  • Zuletzt bearbeitet 21.11.2024 04:29:04

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

7.8

CVE-2019-18218

Exploit
  • EPSS 0.23%
  • Veröffentlicht 21.10.2019 05:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:51

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

7.8

CVE-2019-18198

Exploit
  • EPSS 0.1%
  • Veröffentlicht 18.10.2019 22:15:14
  • Zuletzt bearbeitet 21.11.2024 04:32:48

In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt me...

7.5

CVE-2019-18197

  • EPSS 4.77%
  • Veröffentlicht 18.10.2019 21:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:48

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be...

9

CVE-2019-14287

Exploit
  • EPSS 85.81%
  • Veröffentlicht 17.10.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:26:22

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !r...