Vulnerabilities > Canonical > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-10-11 CVE-2017-0903 Deserialization of Untrusted Data vulnerability in multiple products
RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability.
network
low complexity
rubygems debian canonical redhat CWE-502
critical
 9.8
9.8
2017-10-05 CVE-2017-15032 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
network
low complexity
imagemagick canonical CWE-772
critical
 9.8
9.8
2017-10-04 CVE-2017-14491 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. 		9.8
9.8
2017-10-03 CVE-2017-14493 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
network
low complexity
redhat debian canonical opensuse thekelleys CWE-119
critical
 9.8
9.8
2017-10-03 CVE-2017-14492 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
network
low complexity
redhat debian canonical thekelleys CWE-119
critical
 9.8
9.8
2017-09-21 CVE-2017-14632 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
network
low complexity
xiph-org debian canonical CWE-119
critical
 9.8
9.8
2017-09-21 CVE-2017-14626 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8
2017-09-21 CVE-2017-14625 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8
2017-09-21 CVE-2017-14624 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8
2017-09-18 CVE-2017-14532 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8