Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-22 | CVE-2018-17336 | Use of Externally-Controlled Format String vulnerability in multiple products UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings. | 4.6 |
| 2018-09-21 | CVE-2018-17294 | Out-of-bounds Read vulnerability in multiple products The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries. | 4.3 |
| 2018-09-19 | CVE-2018-17206 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. | 4.0 |
| 2018-09-19 | CVE-2018-17205 | Reachable Assertion vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. | 5.0 |
| 2018-09-19 | CVE-2018-17204 | Reachable Assertion vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. | 4.0 |
| 2018-09-17 | CVE-2017-15705 | Improper Input Validation vulnerability in multiple products A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. | 5.3 |
| 2018-09-16 | CVE-2018-17101 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibTIFF 4.0.9. | 6.8 |
| 2018-09-16 | CVE-2018-17100 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibTIFF 4.0.9. | 6.8 |
| 2018-09-16 | CVE-2018-17095 | Out-of-bounds Write vulnerability in multiple products An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. | 6.8 |
| 2018-09-13 | CVE-2018-17000 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. | 4.3 |