Vulnerabilities > Canonical

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-26	CVE-2018-5750	Information Exposure vulnerability in multiple products The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. local low complexity linux debian canonical redhat CWE-200	5.5
2018-01-25	CVE-2017-15132	Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. network low complexity dovecot debian canonical CWE-772	7.5
2018-01-25	CVE-2018-6198	Link Following vulnerability in multiple products w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. local high complexity tats canonical CWE-59	4.7
2018-01-25	CVE-2018-6197	NULL Pointer Dereference vulnerability in multiple products w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. network low complexity tats canonical CWE-476	7.5
2018-01-25	CVE-2018-6196	Infinite Loop vulnerability in multiple products w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. network low complexity tats canonical CWE-835	7.5
2018-01-24	CVE-2018-1000007	libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. network low complexity haxx debian canonical redhat fujitsu critical	9.8
2018-01-24	CVE-2018-1000005	Out-of-bounds Read vulnerability in multiple products libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. network low complexity haxx debian canonical CWE-125 critical	9.1
2018-01-24	CVE-2017-18075	Release of Invalid Pointer or Reference vulnerability in multiple products crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. local low complexity linux canonical CWE-763	7.8
2018-01-23	CVE-2018-5683	Out-of-bounds Read vulnerability in multiple products The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. local low complexity qemu debian redhat canonical CWE-125	6.0
2018-01-23	CVE-2018-5950	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. network low complexity gnu debian canonical redhat CWE-79	6.1

Vulnerabilities > Canonical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Canonical"}]}

Vulnerabilities > Canonical