Vulnerabilities > Canonical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-12 | CVE-2018-5357 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. | 6.5 |
| 2018-01-12 | CVE-2018-5344 | Use After Free vulnerability in multiple products In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact. | 7.8 |
| 2018-01-12 | CVE-2018-5345 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file. | 7.8 |
| 2018-01-11 | CVE-2018-5333 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference. | 5.5 |
| 2018-01-11 | CVE-2018-5332 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c). | 7.8 |
| 2018-01-09 | CVE-2017-15129 | Race Condition vulnerability in multiple products A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. | 4.7 |
| 2018-01-06 | CVE-2018-5205 | Use of Externally-Controlled Format String vulnerability in multiple products When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. | 7.5 |
| 2018-01-05 | CVE-2018-5248 | Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. | 8.8 |
| 2018-01-05 | CVE-2018-5247 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. | 6.5 |
| 2018-01-05 | CVE-2018-5246 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c. | 6.5 |