Vulnerabilities > Canonical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-20 | CVE-2018-12599 | Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. | 8.8 |
| 2018-06-20 | CVE-2018-1120 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found affecting the Linux kernel before version 4.17. | 5.3 |
| 2018-06-19 | CVE-2018-12293 | Integer Overflow or Wraparound vulnerability in multiple products The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content. | 8.8 |
| 2018-06-19 | CVE-2018-10811 | Missing Initialization of Resource vulnerability in multiple products strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. | 7.5 |
| 2018-06-19 | CVE-2018-1061 | python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. | 7.5 |
| 2018-06-18 | CVE-2018-1333 | Resource Exhaustion vulnerability in multiple products By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. | 7.5 |
| 2018-06-18 | CVE-2018-1152 | Divide By Zero vulnerability in multiple products libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. | 6.5 |
| 2018-06-18 | CVE-2018-1060 | python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. | 7.5 |
| 2018-06-14 | CVE-2018-11574 | Integer Overflow or Wraparound vulnerability in multiple products Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. | 9.8 |
| 2018-06-13 | CVE-2018-0495 | Information Exposure Through Discrepancy vulnerability in multiple products Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. | 4.7 |