Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2018-09-16 CVE-2018-17100 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in LibTIFF 4.0.9.
network
low complexity
debian libtiff canonical CWE-190
8.8
8.8
2018-09-16 CVE-2018-17095 Out-of-bounds Write vulnerability in multiple products
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. 		8.8
8.8
2018-09-13 CVE-2018-17000 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file.
network
low complexity
libtiff debian canonical CWE-476
6.5
6.5
2018-09-11 CVE-2018-10853 Improper Privilege Management vulnerability in multiple products
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor.
local
low complexity
canonical debian linux CWE-269
7.8
7.8
2018-09-10 CVE-2018-16802 An issue was discovered in Artifex Ghostscript before 9.25.
local
low complexity
artifex debian canonical redhat
7.8
7.8
2018-09-10 CVE-2016-7056 A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.
local
low complexity
openssl debian redhat canonical
5.5
5.5
2018-09-10 CVE-2018-14625 A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest.
local
high complexity
linux canonical debian
7.0
7.0
2018-09-09 CVE-2018-16750 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2018-09-09 CVE-2018-16749 NULL Pointer Dereference vulnerability in multiple products
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
network
low complexity
imagemagick canonical debian CWE-476
6.5
6.5
2018-09-07 CVE-2018-16658 Information Exposure vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.18.6.
local
low complexity
linux canonical debian CWE-200
6.1
6.1