Vulnerabilities > Canonical > Ubuntu Linux > 18.10

DATE CVE VULNERABILITY TITLE RISK
2018-02-13 CVE-2018-6954 Link Following vulnerability in multiple products
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink.
local
low complexity
systemd-project canonical opensuse CWE-59
7.8
7.8
2017-12-13 CVE-2017-17669 Out-of-bounds Read vulnerability in multiple products
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-125
5.5
5.5
2017-10-24 CVE-2017-15873 Integer Overflow or Wraparound vulnerability in multiple products
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.
local
low complexity
busybox debian canonical CWE-190
5.5
5.5
2017-10-14 CVE-2017-15298 Resource Exhaustion vulnerability in multiple products
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb.
local
low complexity
git-scm canonical CWE-400
5.5
5.5
2017-09-29 CVE-2017-14864 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-09-29 CVE-2017-14862 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-09-29 CVE-2017-14859 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26.
local
low complexity
exiv2 canonical debian CWE-119
5.5
5.5
2017-08-07 CVE-2011-5325 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
network
low complexity
busybox debian canonical CWE-22
7.5
7.5
2017-07-27 CVE-2017-11683 Reachable Assertion vulnerability in multiple products
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.
network
low complexity
exiv2 canonical debian CWE-617
6.5
6.5
2017-07-24 CVE-2017-11591 There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.
network
low complexity
exiv2 canonical debian
7.5
7.5