Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-06 | CVE-2018-7184 | ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. | 5.0 |
| 2018-03-06 | CVE-2018-7182 | Out-of-bounds Read vulnerability in multiple products The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. | 5.0 |
| 2018-03-06 | CVE-2018-7731 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. | 5.5 |
| 2018-03-06 | CVE-2018-7730 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. | 5.5 |
| 2018-03-06 | CVE-2018-7729 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. | 5.5 |
| 2018-03-06 | CVE-2018-7728 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. | 5.5 |
| 2018-03-06 | CVE-2018-7726 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in ZZIPlib 0.13.68. | 4.3 |
| 2018-03-06 | CVE-2018-7725 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in ZZIPlib 0.13.68. | 4.3 |
| 2018-03-06 | CVE-2018-1000100 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. | 6.8 |
| 2018-03-05 | CVE-2018-1000115 | Resource Exhaustion vulnerability in multiple products Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). | 5.0 |