Vulnerabilities > Canonical > Ubuntu Linux > 12.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-14 | CVE-2018-1000120 | Out-of-bounds Write vulnerability in multiple products A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. | 9.8 |
| 2018-03-13 | CVE-2018-1050 | NULL Pointer Dereference vulnerability in multiple products All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. | 4.3 |
| 2018-03-13 | CVE-2018-1000085 | Out-of-bounds Read vulnerability in multiple products ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. | 5.5 |
| 2018-03-08 | CVE-2018-7183 | Out-of-bounds Write vulnerability in multiple products Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. | 9.8 |
| 2018-03-08 | CVE-2018-7755 | Information Exposure vulnerability in multiple products An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. | 5.5 |
| 2018-03-06 | CVE-2018-7185 | The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. | 7.5 |
| 2018-03-02 | CVE-2018-1066 | NULL Pointer Dereference vulnerability in multiple products The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. | 6.5 |
| 2018-03-01 | CVE-2018-7584 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. | 9.8 |
| 2018-02-26 | CVE-2018-7492 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. | 5.5 |
| 2018-02-12 | CVE-2018-6927 | Integer Overflow or Wraparound vulnerability in multiple products The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value. | 7.8 |