Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2018-03-20 CVE-2018-1000135 Information Exposure vulnerability in multiple products
GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN.
network
low complexity
gnome canonical CWE-200
7.5
7.5
2018-03-20 CVE-2018-8804 Double Free vulnerability in multiple products
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
network
low complexity
imagemagick canonical CWE-415
8.8
8.8
2018-03-16 CVE-2018-1068 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging.
local
low complexity
linux canonical debian redhat CWE-787
6.7
6.7
2018-03-15 CVE-2017-18236 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian canonical CWE-835
5.5
5.5
2018-03-15 CVE-2017-18234 Use After Free vulnerability in multiple products
An issue was discovered in Exempi before 2.4.3.
local
low complexity
exempi-project debian canonical CWE-416
7.8
7.8
2018-03-15 CVE-2017-18233 Infinite Loop vulnerability in multiple products
An issue was discovered in Exempi before 2.4.4.
local
low complexity
exempi-project debian canonical CWE-835
5.5
5.5
2018-03-14 CVE-2018-1000122 Out-of-bounds Read vulnerability in multiple products
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
network
low complexity
debian canonical haxx redhat oracle CWE-125
critical
 9.1
9.1
2018-03-14 CVE-2018-1000121 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service
network
low complexity
debian canonical haxx redhat oracle CWE-476
7.5
7.5
2018-03-14 CVE-2018-1000120 Out-of-bounds Write vulnerability in multiple products
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
network
low complexity
debian canonical haxx redhat oracle CWE-787
critical
 9.8
9.8
2018-03-13 CVE-2018-1000127 Improper Locking vulnerability in multiple products
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list.
network
low complexity
memcached debian canonical redhat CWE-667
7.5
7.5