Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-05-24 | CVE-2018-11410 | An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | Ubuntu_linux, Liblouis | 9.8 | ||
| 2018-05-12 | CVE-2018-10999 | An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read. | Ubuntu_linux, Debian_linux, Exiv2 | 6.5 | ||
| 2018-08-27 | CVE-2018-10938 | A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. | Ubuntu_linux, Debian_linux, Linux_kernel | 5.9 | ||
| 2018-08-01 | CVE-2018-10916 | It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system. | Ubuntu_linux, Lftp, Leap | 6.5 | ||
| 2018-06-29 | CVE-2018-10860 | perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter. | Ubuntu_linux, Debian_linux, Perl\-Archive\-Zip | 7.5 | ||
| 2018-05-08 | CVE-2018-10805 | ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. | Ubuntu_linux, Imagemagick | 6.5 | ||
| 2018-05-08 | CVE-2018-10804 | ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. | Ubuntu_linux, Imagemagick | 6.5 | ||
| 2018-05-07 | CVE-2018-10779 | TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. | Ubuntu_linux, Libtiff | 6.5 | ||
| 2018-03-02 | CVE-2018-1066 | The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. | Ubuntu_linux, Debian_linux, Linux_kernel | 6.5 | ||
| 2018-04-29 | CVE-2018-10529 | An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp. | Ubuntu_linux, Libraw | 8.8 |