Vulnerabilities > Canonical > Ubuntu Linux > 14.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-01 | CVE-2018-6484 | In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. | 4.3 |
| 2018-01-31 | CVE-2017-18043 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash). | 5.5 |
| 2018-01-31 | CVE-2018-1000001 | Out-of-bounds Write vulnerability in multiple products In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | 7.2 |
| 2018-01-30 | CVE-2018-6405 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. | 4.3 |
| 2018-01-29 | CVE-2018-6381 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data. | 4.3 |
| 2018-01-29 | CVE-2017-18079 | NULL Pointer Dereference vulnerability in multiple products drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated. | 7.8 |
| 2018-01-26 | CVE-2018-5750 | Information Exposure vulnerability in Linux Kernel The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. | 2.1 |
| 2018-01-25 | CVE-2017-15132 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. | 5.0 |
| 2018-01-25 | CVE-2018-6198 | Link Following vulnerability in multiple products w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. | 4.7 |
| 2018-01-25 | CVE-2018-6197 | NULL Pointer Dereference vulnerability in multiple products w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. | 7.5 |