Vulnerabilities > Canonical > Ubuntu Linux > 18.04

DATE CVE VULNERABILITY TITLE RISK
2018-09-05 CVE-2018-14618 Integer Overflow or Wraparound vulnerability in multiple products
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code.
network
low complexity
haxx canonical debian redhat CWE-190
critical
10.0
2018-09-05 CVE-2018-16543 In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.
local
low complexity
artifex canonical debian
7.8
2018-09-05 CVE-2018-16542 Out-of-bounds Write vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
local
low complexity
artifex redhat debian canonical CWE-787
5.5
2018-09-05 CVE-2018-16541 Use After Free vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.
local
low complexity
artifex canonical debian redhat CWE-416
5.5
2018-09-05 CVE-2018-16540 Use After Free vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
local
low complexity
artifex redhat debian canonical CWE-416
7.8
2018-09-05 CVE-2018-16539 Information Exposure vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
local
low complexity
artifex canonical debian redhat CWE-200
5.5
2018-09-05 CVE-2018-16513 Incorrect Type Conversion or Cast vulnerability in multiple products
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
local
low complexity
artifex debian canonical pulsesecure CWE-704
7.8
2018-09-05 CVE-2018-13259 Improper Input Validation vulnerability in multiple products
An issue was discovered in zsh before 5.6.
network
low complexity
canonical zsh CWE-20
7.5
2018-09-05 CVE-2018-0502 Improper Input Validation vulnerability in multiple products
An issue was discovered in zsh before 5.6.
network
low complexity
canonical zsh CWE-20
7.5
2018-09-05 CVE-2018-16511 Incorrect Type Conversion or Cast vulnerability in multiple products
An issue was discovered in Artifex Ghostscript before 9.24.
local
low complexity
debian artifex canonical redhat CWE-704
7.8