NotCVE - vendor:"Canonical" product:"Ubuntu Linux" version:"18.04"

Page 6 of 1834 results (0.292 seconds)

CVSS: 6.5EPSS: 0%CPEs: 175EXPL: 1

CVE-2021-3709 – Apport file permission bypass through emacs byte compilation errors

https://notcve.org/view.php?id=CVE-2021-3709

14 Sep 2021 — Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3; La función check_attachment_for_errors() en el archivo data/general-hooks/ubuntu.py podría ser ... • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •

CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0

CVE-2021-3600 – kernel: eBPF 32-bit source register truncation on div/mod

https://notcve.org/view.php?id=CVE-2021-3600

23 Jun 2021 — It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. Se descubrió que la implementación de eBPF en el kernel de Linux no rastreaba adecuadamente la información de límites para registros de 32 bits al realizar operaciones div y mod. Un atacante local podría usar esto para posiblemente ejecutar código arbitrario. A flaw was fou... • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-32554 – apport read_file() function could follow maliciously constructed symbolic links

https://notcve.org/view.php?id=CVE-2021-32554

12 Jun 2021 — It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete xorg apport hooks, podría exponer datos privados a otros usuarios locales • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 7.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2021-32553 – apport read_file() function could follow maliciously constructed symbolic links

https://notcve.org/view.php?id=CVE-2021-32553

12 Jun 2021 — It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete openjdk-17 apport hooks, podría exponer datos privados a otros usuarios locales • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-32552 – apport read_file() function could follow maliciously constructed symbolic links

https://notcve.org/view.php?id=CVE-2021-32552

12 Jun 2021 — It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete openjdk-16 apport hooks, podría exponer datos privados a otros usuarios locales • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-32550 – apport read_file() function could follow maliciously constructed symbolic links

https://notcve.org/view.php?id=CVE-2021-32550

12 Jun 2021 — It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete openjdk-14 apport hooks, podría exponer datos privados a otros usuarios locales • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-32549 – apport read_file() function could follow maliciously constructed symbolic links

https://notcve.org/view.php?id=CVE-2021-32549

12 Jun 2021 — It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete openjdk-13 apport hooks, podría exponer datos privados a otros usuarios locales • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-32548 – apport read_file() function could follow maliciously constructed symbolic links

https://notcve.org/view.php?id=CVE-2021-32548

12 Jun 2021 — It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete openjdk-8 apport hooks, podría exponer datos privados a otros usuarios locales • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-32547 – apport read_file() function could follow maliciously constructed symbolic links

https://notcve.org/view.php?id=CVE-2021-32547

26 May 2021 — It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete openjdk-lts apport hooks, podría exponer datos privados a otros usuarios locales Maik Münch discovered that Apport incorrec... • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-32551 – apport read_file() function could follow maliciously constructed symbolic links

https://notcve.org/view.php?id=CVE-2021-32551

26 May 2021 — It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete openjdk-15 apport hooks, podría exponer datos privados a otros usuarios locales Maik Münch discovered that Apport incorrectl... • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

1...4 5 6 7 8