Vulnerabilities > Canonical > Ubuntu Linux > 17.10

DATE CVE VULNERABILITY TITLE RISK
2018-05-08 CVE-2018-10804 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2018-05-06 CVE-2018-0494 Improper Input Validation vulnerability in multiple products
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
network
low complexity
gnu canonical debian redhat CWE-20
6.5
6.5
2018-04-29 CVE-2018-10549 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-125
8.8
8.8
2018-04-29 CVE-2018-10548 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-476
7.5
7.5
2018-04-29 CVE-2018-10547 Cross-site Scripting vulnerability in multiple products
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-79
6.1
6.1
2018-04-29 CVE-2018-10546 Infinite Loop vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-835
7.5
7.5
2018-04-29 CVE-2018-10545 Information Exposure vulnerability in multiple products
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4.
local
high complexity
php canonical debian netapp CWE-200
4.7
4.7
2018-04-29 CVE-2018-10529 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in LibRaw 0.18.9.
network
low complexity
canonical libraw CWE-125
8.8
8.8
2018-04-29 CVE-2018-10528 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in LibRaw 0.18.9.
network
low complexity
canonical libraw CWE-787
8.8
8.8
2018-04-24 CVE-2018-1059 Information Exposure vulnerability in multiple products
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations.
high complexity
canonical redhat dpdk CWE-200
6.1
6.1