Vulnerabilities > Canonical > Ubuntu Linux > 18.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-04 | CVE-2018-6616 | Resource Exhaustion vulnerability in multiple products In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. | 5.5 |
| 2018-02-02 | CVE-2017-14180 | Resource Exhaustion vulnerability in multiple products Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179. | 7.8 |
| 2018-02-02 | CVE-2017-14179 | Resource Exhaustion vulnerability in multiple products Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. | 7.8 |
| 2018-02-02 | CVE-2017-14177 | Resource Exhaustion vulnerability in multiple products Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. | 7.8 |
| 2018-02-02 | CVE-2018-6541 | In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). | 6.5 |
| 2018-02-02 | CVE-2018-6540 | In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. | 6.5 |
| 2018-02-01 | CVE-2018-6484 | In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. | 6.5 |
| 2018-01-30 | CVE-2018-6405 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. | 6.5 |
| 2018-01-29 | CVE-2018-6381 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data. | 6.5 |
| 2018-01-23 | CVE-2017-15105 | Improper Input Validation vulnerability in multiple products A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. | 5.3 |