Vulnerabilities > Canonical > Ubuntu Linux > 18.04

DATE CVE VULNERABILITY TITLE RISK
2018-06-01 CVE-2018-11656 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
4.3
2018-06-01 CVE-2018-11655 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
4.3
2018-05-31 CVE-2018-6552 Unspecified vulnerability in Apport Project Apport
Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers.
local
low complexity
apport-project canonical
7.2
2018-05-31 CVE-2018-11625 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
6.8
2018-05-31 CVE-2018-5388 Out-of-bounds Write vulnerability in multiple products
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
network
low complexity
strongswan debian canonical CWE-787
6.5
2018-05-31 CVE-2018-11577 Classic Buffer Overflow vulnerability in multiple products
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
6.8
2018-05-30 CVE-2018-10196 NULL Pointer Dereference vulnerability in multiple products
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
local
low complexity
graphviz fedoraproject canonical CWE-476
5.5
2018-05-30 CVE-2018-11235 Path Traversal vulnerability in multiple products
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur.
6.8
2018-05-30 CVE-2018-11233 Out-of-bounds Read vulnerability in multiple products
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.
network
low complexity
canonical git-scm CWE-125
5.0
2018-05-29 CVE-2018-11531 Out-of-bounds Write vulnerability in multiple products
Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.
network
low complexity
exiv2 debian canonical CWE-787
7.5