14.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-16	CVE-2018-17100	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibTIFF 4.0.9. network debian libtiff canonical CWE-190	6.8
2018-09-16	CVE-2018-17095	Out-of-bounds Write vulnerability in multiple products An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. network audio-file-library-project canonical CWE-787	6.8
2018-09-13	CVE-2018-17000	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. network libtiff debian canonical CWE-476	4.3
2018-09-10	CVE-2018-16802	An issue was discovered in Artifex Ghostscript before 9.25. local low complexity artifex debian canonical redhat	7.8
2018-09-10	CVE-2016-7056	Covert Timing Channel vulnerability in multiple products A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. local low complexity openssl debian redhat canonical CWE-385	5.5
2018-09-10	CVE-2018-14625	Use After Free vulnerability in multiple products A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. local high complexity linux canonical debian CWE-416	7.0
2018-09-09	CVE-2018-16750	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. network imagemagick canonical CWE-772	4.3
2018-09-09	CVE-2018-16749	NULL Pointer Dereference vulnerability in multiple products In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. network imagemagick canonical debian CWE-476	4.3
2018-09-07	CVE-2018-16658	Information Exposure vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.18.6. local low complexity linux canonical debian CWE-200	3.6
2018-09-07	CVE-2018-0644	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Canonical Ubuntu Linux 14.04/16.04 Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-client2) 1:1.4.9+p41-u4jma1 and earlier, Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 5.0.0 (panda-client2) 1:2.0.0+p48-u4jma1 and earlier, and Ubuntu16.04 ORCA (Online Receipt Computer Advantage) 5.0.0 (panda-client2) 1:2.0.0+p48-u5jma1 and earlier allows authenticated attackers to cause denial-of-service (DoS) condition via unspecified vectors. network low complexity canonical CWE-119	4.0