Vulnerabilities > Canonical > Ubuntu Linux > 18.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-08 | CVE-2018-12020 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. | 5.0 |
| 2018-05-10 | CVE-2018-10963 | Reachable Assertion vulnerability in multiple products The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | 4.3 |
| 2018-05-07 | CVE-2018-10779 | Out-of-bounds Read vulnerability in multiple products TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. | 4.3 |
| 2018-04-19 | CVE-2018-2810 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
| 2018-03-22 | CVE-2018-8905 | Out-of-bounds Write vulnerability in multiple products In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. | 8.8 |
| 2018-03-12 | CVE-2018-7858 | Out-of-bounds Read vulnerability in multiple products Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. | 2.1 |
| 2018-03-07 | CVE-2018-7752 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100. | 6.8 |
| 2018-03-06 | CVE-2018-1000100 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. | 6.8 |
| 2018-02-24 | CVE-2018-7456 | NULL Pointer Dereference vulnerability in multiple products A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. | 4.3 |
| 2018-02-13 | CVE-2018-6954 | Link Following vulnerability in multiple products systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. | 7.8 |