Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-06-07 | CVE-2018-12015 | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | Mac_os_x, Archive\:\:tar, Ubuntu_linux, Debian_linux, Data_ontap_edge, Oncommand_workflow_automation, Snap_creator_framework, Snapdrive, Perl | 7.5 | ||
| 2018-06-04 | CVE-2018-11685 | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c. | Ubuntu_linux, Liblouis, Leap | 8.8 | ||
| 2018-06-04 | CVE-2018-11684 | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. | Ubuntu_linux, Liblouis, Leap | 8.8 | ||
| 2018-06-04 | CVE-2018-11683 | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. | Ubuntu_linux, Liblouis, Leap | 8.8 | ||
| 2018-05-29 | CVE-2018-11531 | Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. | Ubuntu_linux, Debian_linux, Exiv2 | 9.8 | ||
| 2018-05-25 | CVE-2018-11440 | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c. | Ubuntu_linux, Liblouis, Leap | 8.8 | ||
| 2018-05-24 | CVE-2018-1000300 | curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0. | Ubuntu_linux, Curl | 9.8 | ||
| 2018-05-24 | CVE-2018-1000199 | The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. | Ubuntu_linux, Debian_linux, Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 5.5 | ||
| 2018-03-13 | CVE-2018-1000127 | memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later. | Ubuntu_linux, Debian_linux, Memcached, Openstack | 7.5 | ||
| 2018-02-08 | CVE-2018-1000030 | Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already... | Ubuntu_linux, Python | N/A |