Vulnerabilities > Canonical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-02 | CVE-2018-13053 | Integer Overflow or Wraparound vulnerability in multiple products The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | 3.3 |
| 2018-07-02 | CVE-2018-0499 | Cross-site Scripting vulnerability in multiple products A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet(). | 6.1 |
| 2018-07-01 | CVE-2018-13043 | Code Injection vulnerability in multiple products scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing. | 9.8 |
| 2018-06-29 | CVE-2018-10860 | Path Traversal vulnerability in multiple products perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. | 7.5 |
| 2018-06-29 | CVE-2018-13006 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in MP4Box in GPAC 0.7.1. | 9.8 |
| 2018-06-29 | CVE-2018-13005 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in MP4Box in GPAC 0.7.1. | 9.8 |
| 2018-06-28 | CVE-2018-12931 | Out-of-bounds Write vulnerability in multiple products ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. | 7.8 |
| 2018-06-28 | CVE-2018-12930 | Out-of-bounds Write vulnerability in multiple products ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. | 7.8 |
| 2018-06-28 | CVE-2018-12929 | Use After Free vulnerability in multiple products ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem. | 5.5 |
| 2018-06-28 | CVE-2018-12928 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. | 5.5 |