Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
There are 494 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2018-7073

A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24.

Published: August 06, 2018; 4:29:02 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-15118

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires TLS, the attacker cannot trigger the buffer overflow without first successfully negotiating TLS.

Published: July 27, 2018; 5:29:00 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-1056

An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files.

Published: July 27, 2018; 2:29:01 PM -0400
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-15119

The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other requests, resulting in DoS.

Published: July 27, 2018; 12:29:00 PM -0400
V3.0: 8.6 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-0500

Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).

Published: July 11, 2018; 9:29:00 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-13785

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

Published: July 09, 2018; 9:29:00 AM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-12910

The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

Published: July 05, 2018; 2:29:00 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-13153

In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.

Published: July 04, 2018; 10:29:00 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().

Published: July 02, 2018; 8:29:00 AM -0400
V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-13043

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

Published: July 01, 2018; 6:29:00 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-10860

perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.

Published: June 29, 2018; 3:29:00 PM -0400
V3.0: 7.5 HIGH
V2.0: 6.4 MEDIUM
CVE-2018-12600

In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.

Published: June 20, 2018; 2:29:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-12599

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

Published: June 20, 2018; 2:29:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-12293

The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content.

Published: June 19, 2018; 5:29:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-1152

libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.

Published: June 18, 2018; 10:29:00 AM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-0495

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

Published: June 13, 2018; 7:29:00 PM -0400
V3.0: 4.7 MEDIUM
V2.0: 1.9 LOW
CVE-2018-12265

Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.

Published: June 13, 2018; 7:29:00 AM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-12264

Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.

Published: June 13, 2018; 7:29:00 AM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-0732

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).

Published: June 12, 2018; 9:29:00 AM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-5185

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

Published: June 11, 2018; 5:29:16 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM