Vulnerabilities > Canonical > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-02-08 CVE-2018-6789 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1.
network
low complexity
exim debian canonical CWE-120
critical
 9.8
9.8
2018-01-24 CVE-2018-1000007 libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties.
network
low complexity
haxx debian canonical redhat fujitsu
critical
 9.8
9.8
2018-01-24 CVE-2018-1000005 Out-of-bounds Read vulnerability in multiple products
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers.
network
low complexity
haxx debian canonical CWE-125
critical
 9.1
9.1
2018-01-03 CVE-2017-18017 Use After Free vulnerability in multiple products
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
network
low complexity
linux debian arista f5 suse opensuse openstack canonical redhat CWE-416
critical
 9.8
9.8
2017-12-11 CVE-2017-17499 Use After Free vulnerability in multiple products
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
network
low complexity
imagemagick canonical debian CWE-416
critical
 9.8
9.8
2017-12-08 CVE-2017-17480 Out-of-bounds Write vulnerability in multiple products
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c.
network
low complexity
uclouvain debian canonical CWE-787
critical
 9.8
9.8
2017-11-27 CVE-2017-14746 Use After Free vulnerability in multiple products
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
network
low complexity
samba redhat debian canonical CWE-416
critical
 9.8
9.8
2017-11-17 CVE-2017-16845 Improper Input Validation vulnerability in multiple products
hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.
network
low complexity
qemu debian canonical CWE-20
critical
 10.0
10
2017-11-06 CVE-2017-16548 Out-of-bounds Read vulnerability in multiple products
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.
network
low complexity
samba debian canonical CWE-125
critical
 9.8
9.8
2017-10-14 CVE-2017-12629 XXE vulnerability in multiple products
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class.
network
low complexity
apache redhat debian canonical CWE-611
critical
 9.8
9.8