Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.04%
  • Veröffentlicht 24.10.2019 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:12

archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.

  • EPSS 1.55%
  • Veröffentlicht 22.10.2019 21:15:10
  • Zuletzt bearbeitet 21.11.2024 04:29:04

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

Exploit
  • EPSS 1.85%
  • Veröffentlicht 21.10.2019 05:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:51

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

Exploit
  • EPSS 0.46%
  • Veröffentlicht 18.10.2019 22:15:14
  • Zuletzt bearbeitet 21.11.2024 04:32:48

In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt me...

  • EPSS 4.45%
  • Veröffentlicht 18.10.2019 21:15:10
  • Zuletzt bearbeitet 28.05.2026 19:16:33

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be...

Exploit
  • EPSS 63.92%
  • Veröffentlicht 17.10.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:26:22

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !r...

  • EPSS 3.02%
  • Veröffentlicht 17.10.2019 02:15:13
  • Zuletzt bearbeitet 21.11.2024 04:32:44

rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

  • EPSS 2.65%
  • Veröffentlicht 16.10.2019 18:15:34
  • Zuletzt bearbeitet 21.11.2024 04:41:58

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco...

  • EPSS 2.53%
  • Veröffentlicht 16.10.2019 18:15:34
  • Zuletzt bearbeitet 21.11.2024 04:41:58

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection). Supported versions that are affected are 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple ...

  • EPSS 2.65%
  • Veröffentlicht 16.10.2019 18:15:34
  • Zuletzt bearbeitet 21.11.2024 04:41:59

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocol...