Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2018-01-05 CVE-2017-18022 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2018-01-04 CVE-2017-5753 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. 		5.6
5.6
2018-01-04 CVE-2017-5715 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. 		5.6
5.6
2018-01-03 CVE-2017-1000476 Resource Exhaustion vulnerability in multiple products
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
network
low complexity
imagemagick debian canonical CWE-400
6.5
6.5
2018-01-03 CVE-2017-18017 Use After Free vulnerability in multiple products
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
network
low complexity
linux debian arista f5 suse opensuse openstack canonical redhat CWE-416
critical
 9.8
9.8
2018-01-02 CVE-2017-1000422 Integer Overflow or Wraparound vulnerability in multiple products
Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution
network
low complexity
gnome debian canonical CWE-190
8.8
8.8
2018-01-02 CVE-2017-1000445 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
network
low complexity
imagemagick debian canonical CWE-476
6.5
6.5
2018-01-01 CVE-2017-18008 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2017-12-27 CVE-2017-7160 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical CWE-119
8.8
8.8
2017-12-27 CVE-2017-17934 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5