Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.54%
  • Veröffentlicht 17.08.2019 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:28:07

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.

  • EPSS 5.9%
  • Veröffentlicht 16.08.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:45:00

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being c...

  • EPSS 0.76%
  • Veröffentlicht 16.08.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:28:05

check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

  • EPSS 0.72%
  • Veröffentlicht 16.08.2019 02:15:11
  • Zuletzt bearbeitet 21.11.2024 04:28:02

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

  • EPSS 3.77%
  • Veröffentlicht 16.08.2019 02:15:11
  • Zuletzt bearbeitet 21.11.2024 04:28:02

drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

  • EPSS 0.46%
  • Veröffentlicht 16.08.2019 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:28:02

An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.

  • EPSS 3.37%
  • Veröffentlicht 15.08.2019 22:15:22
  • Zuletzt bearbeitet 21.11.2024 04:52:26

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify tha...

  • EPSS 78.35%
  • Veröffentlicht 15.08.2019 22:15:22
  • Zuletzt bearbeitet 21.11.2024 04:52:26

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calli...

  • EPSS 1.93%
  • Veröffentlicht 15.08.2019 22:15:22
  • Zuletzt bearbeitet 21.11.2024 04:52:26

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Script...

  • EPSS 2.19%
  • Veröffentlicht 15.08.2019 17:15:13
  • Zuletzt bearbeitet 21.11.2024 04:24:49

The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able...