Vulnerabilities > Canonical > Ubuntu Linux > 14.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-17 | CVE-2017-13080 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. | 2.9 |
| 2017-10-17 | CVE-2017-13079 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. | 2.9 |
| 2017-10-17 | CVE-2017-13078 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. | 2.9 |
| 2017-10-17 | CVE-2017-13077 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | 5.4 |
| 2017-10-14 | CVE-2017-15298 | Resource Exhaustion vulnerability in Git-Scm GIT Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. | 4.3 |
| 2017-10-12 | CVE-2017-15281 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)." | 6.8 |
| 2017-10-11 | CVE-2017-0903 | Deserialization of Untrusted Data vulnerability in multiple products RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. | 7.5 |
| 2017-10-10 | CVE-2017-15218 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c. | 4.3 |
| 2017-10-10 | CVE-2017-15217 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. | 4.3 |
| 2017-10-10 | CVE-2014-9092 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker. | 4.3 |