Vulnerabilities > Canonical > High

DATE CVE VULNERABILITY TITLE RISK
2017-02-03 CVE-2016-10165 Out-of-bounds Read vulnerability in multiple products
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
7.1
2017-01-13 CVE-2016-7426 Resource Exhaustion vulnerability in multiple products
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.
network
low complexity
ntp canonical redhat hpe CWE-400
7.5
2017-01-06 CVE-2016-2378 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
2017-01-06 CVE-2016-2377 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
2017-01-06 CVE-2016-2376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
2017-01-06 CVE-2016-2374 Out-of-bounds Read vulnerability in multiple products
An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-125
8.1
2017-01-06 CVE-2016-2371 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-787
8.1
2017-01-06 CVE-2016-2368 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin.
network
high complexity
pidgin canonical debian CWE-119
8.1
2016-12-17 CVE-2016-9950 Path Traversal vulnerability in multiple products
An issue was discovered in Apport before 2.20.4.
local
low complexity
apport-project canonical CWE-22
7.8
2016-12-17 CVE-2016-9949 Code Injection vulnerability in multiple products
An issue was discovered in Apport before 2.20.4.
local
low complexity
apport-project canonical CWE-94
7.8