Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-09 | CVE-2017-7613 | Improper Input Validation vulnerability in multiple products elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | 4.3 |
| 2017-04-09 | CVE-2017-7612 | Out-of-bounds Read vulnerability in multiple products The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
| 2017-04-09 | CVE-2017-7611 | Out-of-bounds Read vulnerability in multiple products The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
| 2017-04-09 | CVE-2017-7610 | Out-of-bounds Read vulnerability in multiple products The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
| 2017-04-09 | CVE-2017-7608 | Out-of-bounds Read vulnerability in multiple products The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | 4.3 |
| 2017-04-05 | CVE-2017-7358 | Path Traversal vulnerability in multiple products In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out. | 6.9 |
| 2017-03-24 | CVE-2017-6507 | Improper Privilege Management vulnerability in multiple products An issue was discovered in AppArmor before 2.12. | 4.3 |
| 2017-03-23 | CVE-2016-9388 | Reachable Assertion vulnerability in multiple products The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. | 5.5 |
| 2017-03-20 | CVE-2014-9851 | Improper Input Validation vulnerability in multiple products ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). | 5.0 |
| 2017-03-20 | CVE-2014-9850 | Resource Management Errors vulnerability in multiple products Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). | 5.0 |