Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-05-16 | CVE-2018-11213 | An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. | Ubuntu_linux, Debian_linux, Libjpeg | 6.5 | ||
| 2018-05-10 | CVE-2018-10963 | The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | Ubuntu_linux, Debian_linux, Libtiff | 6.5 | ||
| 2018-05-10 | CVE-2018-10958 | In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. | Ubuntu_linux, Debian_linux, Exiv2 | 6.5 | ||
| 2018-03-15 | CVE-2017-18234 | An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp. | Ubuntu_linux, Debian_linux, Exempi | 7.8 | ||
| 2017-02-13 | CVE-2016-3616 | The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. | Ubuntu_linux, Debian_linux, Libjpeg\-Turbo, Enterprise_linux | 8.8 | ||
| 2019-07-31 | CVE-2019-14452 | Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. | Ubuntu_linux, Flightcrew, Sigil | 7.5 | ||
| 2018-06-23 | CVE-2018-12699 | finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. | Ubuntu_linux, Binutils | 9.8 | ||
| 2018-06-23 | CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump. | Ubuntu_linux, Binutils | 7.5 | ||
| 2018-06-23 | CVE-2018-12697 | A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | Ubuntu_linux, Binutils | 7.5 | ||
| 2007-09-21 | CVE-2007-5023 | Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder. | Ubuntu_linux, Ace, Player, Server, Workstation | N/A |