Vulnerabilities > Canonical > Ubuntu Linux > 12.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-31 | CVE-2016-6328 | A vulnerability was found in libexif. | 8.1 |
| 2018-10-31 | CVE-2018-16842 | Out-of-bounds Read vulnerability in multiple products Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service. | 9.1 |
| 2018-10-30 | CVE-2018-18281 | Incomplete Cleanup vulnerability in multiple products Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. | 7.8 |
| 2018-10-29 | CVE-2018-18751 | Double Free vulnerability in multiple products An issue was discovered in GNU gettext 0.19.8. | 9.8 |
| 2018-10-29 | CVE-2018-18710 | Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel through 4.19. | 5.5 |
| 2018-10-26 | CVE-2018-18690 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form. | 5.5 |
| 2018-10-23 | CVE-2018-18585 | NULL Pointer Dereference vulnerability in multiple products chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). | 4.3 |
| 2018-10-23 | CVE-2018-18584 | Out-of-bounds Write vulnerability in multiple products In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. network low complexity libmspack-project cabextract-project debian redhat canonical suse starwindsoftware CWE-787 | 6.5 |
| 2018-10-17 | CVE-2018-18386 | Incorrect Type Conversion or Cast vulnerability in multiple products drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. | 3.3 |
| 2018-10-17 | CVE-2018-3282 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). | 4.9 |