Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-02 | CVE-2018-18897 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in Poppler 0.71.0. | 6.5 |
| 2018-10-31 | CVE-2018-18873 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. | 5.5 |
| 2018-10-30 | CVE-2018-0734 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. | 5.9 |
| 2018-10-29 | CVE-2018-0735 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. | 5.9 |
| 2018-10-29 | CVE-2018-18710 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel through 4.19. | 5.5 |
| 2018-10-26 | CVE-2018-18690 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form. | 5.5 |
| 2018-10-26 | CVE-2018-18661 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibTIFF 4.0.9. | 6.5 |
| 2018-10-25 | CVE-2018-14665 | Incorrect Authorization vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.3. | 6.6 |
| 2018-10-23 | CVE-2018-18585 | NULL Pointer Dereference vulnerability in multiple products chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). | 4.3 |
| 2018-10-23 | CVE-2018-18584 | Out-of-bounds Write vulnerability in multiple products In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. network low complexity libmspack-project cabextract-project debian redhat canonical suse starwindsoftware CWE-787 | 6.5 |