Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
There are 494 matching records.
Displaying matches 441 through 460.
Vuln ID Summary CVSS Severity
CVE-2017-14746

Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.

Published: November 27, 2017; 5:29:00 PM -0500
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-16845

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.

Published: November 17, 2017; 3:29:00 PM -0500
V3.1: 10.0 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2017-15115

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.

Published: November 15, 2017; 4:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2017-8806

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files.

Published: November 13, 2017; 4:29:00 AM -0500
V3.0: 5.5 MEDIUM
V2.0: 3.6 LOW
CVE-2017-16548

The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.

Published: November 06, 2017; 12:29:00 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-16546

The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.

Published: November 05, 2017; 5:29:00 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-15281

ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."

Published: October 12, 2017; 4:29:00 AM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-0903

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

Published: October 11, 2017; 2:29:00 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-15218

ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.

Published: October 10, 2017; 4:29:00 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-15217

ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

Published: October 10, 2017; 4:29:00 PM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-15033

ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.

Published: October 05, 2017; 3:29:00 AM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-15032

ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

Published: October 05, 2017; 3:29:00 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-15017

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.

Published: October 04, 2017; 9:29:06 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-15016

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.

Published: October 04, 2017; 9:29:05 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-15015

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.

Published: October 04, 2017; 9:29:05 PM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-14633

In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis().

Published: September 21, 2017; 3:29:00 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-14632

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.

Published: September 21, 2017; 3:29:00 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-14626

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.

Published: September 21, 2017; 1:29:01 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-14625

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.

Published: September 21, 2017; 1:29:00 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-14624

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.

Published: September 21, 2017; 1:29:00 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH