Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-06 | CVE-2018-16640 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. | 4.3 |
| 2018-09-05 | CVE-2018-16542 | Out-of-bounds Write vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. | 5.5 |
| 2018-09-05 | CVE-2018-16541 | Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. | 5.5 |
| 2018-09-05 | CVE-2018-16539 | Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | 5.5 |
| 2018-09-04 | CVE-2018-6554 | Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. | 4.9 |
| 2018-09-04 | CVE-2018-16435 | Integer Overflow or Wraparound vulnerability in multiple products Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. | 4.3 |
| 2018-09-02 | CVE-2018-16336 | Out-of-bounds Read vulnerability in multiple products Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999. | 4.3 |
| 2018-09-01 | CVE-2018-16323 | Information Exposure vulnerability in multiple products ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. | 4.3 |
| 2018-08-30 | CVE-2018-16140 | Out-of-bounds Write vulnerability in multiple products A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file. | 6.8 |
| 2018-08-29 | CVE-2018-16062 | Out-of-bounds Read vulnerability in multiple products dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | 5.5 |