Vulnerabilities > Canonical > Ubuntu Linux > 14.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-27 | CVE-2017-18206 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. | 7.5 |
| 2018-02-27 | CVE-2016-10714 | Numeric Errors vulnerability in multiple products In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters. | 7.5 |
| 2018-02-27 | CVE-2014-10071 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax. | 7.5 |
| 2018-02-26 | CVE-2018-7492 | NULL Pointer Dereference vulnerability in Linux Kernel A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. | 4.9 |
| 2018-02-25 | CVE-2018-7480 | Double Free vulnerability in multiple products The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure. | 7.8 |
| 2018-02-24 | CVE-2018-7456 | NULL Pointer Dereference vulnerability in multiple products A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. | 4.3 |
| 2018-02-23 | CVE-2018-1305 | Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. | 6.5 |
| 2018-02-23 | CVE-2018-7443 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c). | 4.3 |
| 2018-02-23 | CVE-2018-6764 | Origin Validation Error vulnerability in multiple products util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. | 4.6 |
| 2018-02-19 | CVE-2018-7225 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibVNCServer through 0.9.11. | 7.5 |