Vulnerabilities > Canonical > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-20 | CVE-2017-17786 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image. | 7.8 |
| 2017-12-20 | CVE-2017-17785 | Out-of-bounds Write vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | 7.8 |
| 2017-12-20 | CVE-2017-17784 | Out-of-bounds Read vulnerability in multiple products In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data. | 7.8 |
| 2017-12-11 | CVE-2017-1000407 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. | 7.4 |
| 2017-12-06 | CVE-2017-13168 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An elevation of privilege vulnerability in the kernel scsi driver. | 7.8 |
| 2017-12-05 | CVE-2017-15868 | Improper Input Validation vulnerability in multiple products The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application. | 7.8 |
| 2017-12-01 | CVE-2017-16612 | Integer Overflow or Wraparound vulnerability in multiple products libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. | 7.5 |
| 2017-11-27 | CVE-2017-15275 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. | 7.5 |
| 2017-11-27 | CVE-2017-14176 | Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117. | 8.8 |
| 2017-11-20 | CVE-2017-16544 | Code Injection vulnerability in multiple products In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. | 8.8 |