Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2018-12015 Link Following vulnerability in multiple products
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
network
low complexity
canonical debian perl archive apple netapp CWE-59
7.5
7.5
2018-06-04 CVE-2018-11685 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
network
low complexity
liblouis canonical opensuse CWE-787
8.8
8.8
2018-06-04 CVE-2018-11684 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
network
low complexity
liblouis canonical opensuse CWE-787
8.8
8.8
2018-06-04 CVE-2018-11683 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
network
low complexity
liblouis canonical opensuse CWE-787
8.8
8.8
2018-06-01 CVE-2016-1000338 Improper Verification of Cryptographic Signature vulnerability in multiple products
In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification.
network
low complexity
bouncycastle redhat canonical netapp CWE-347
7.5
7.5
2018-06-01 CVE-2018-11656 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2018-06-01 CVE-2018-11655 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2018-05-31 CVE-2018-11625 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
network
low complexity
imagemagick canonical CWE-125
8.8
8.8
2018-05-31 CVE-2018-5388 Out-of-bounds Write vulnerability in multiple products
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
network
low complexity
strongswan debian canonical CWE-787
6.5
6.5
2018-05-31 CVE-2018-11577 Classic Buffer Overflow vulnerability in multiple products
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
network
low complexity
liblouis canonical opensuse CWE-120
8.8
8.8