Vulnerabilities > Canonical > Ubuntu Linux > 12.04

DATE CVE VULNERABILITY TITLE RISK
2018-01-24 CVE-2018-1000007 libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties.
network
low complexity
haxx debian canonical redhat fujitsu
critical
 9.8
9.8
2018-01-18 CVE-2018-2668 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
6.5
2018-01-18 CVE-2018-2665 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
6.5
2018-01-18 CVE-2018-2640 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
6.5
2018-01-18 CVE-2018-2622 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
6.5
2018-01-18 CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition).
network
low complexity
oracle mariadb debian canonical netapp redhat
7.1
7.1
2018-01-16 CVE-2018-5712 Cross-site Scripting vulnerability in multiple products
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1.
network
low complexity
php debian canonical CWE-79
6.1
6.1
2018-01-12 CVE-2018-5344 Use After Free vulnerability in multiple products
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
local
low complexity
linux canonical redhat CWE-416
7.8
7.8
2018-01-11 CVE-2018-5333 NULL Pointer Dereference vulnerability in multiple products
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.
local
low complexity
linux debian canonical CWE-476
5.5
5.5
2018-01-11 CVE-2018-5332 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).
local
low complexity
linux debian canonical CWE-787
7.8
7.8