Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-29	CVE-2018-0735	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. network high complexity openssl canonical debian nodejs netapp oracle CWE-327	5.9
2018-10-29	CVE-2018-18751	Double Free vulnerability in multiple products An issue was discovered in GNU gettext 0.19.8. network low complexity gnu canonical redhat CWE-415 critical	9.8
2018-10-29	CVE-2018-18710	Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel through 4.19. local low complexity linux canonical debian CWE-200	5.5
2018-10-26	CVE-2018-18690	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form. local low complexity linux canonical debian CWE-754	5.5
2018-10-26	CVE-2018-6559	Information Exposure vulnerability in multiple products The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace. local low complexity linux canonical CWE-200	3.3
2018-10-26	CVE-2018-18661	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibTIFF 4.0.9. network low complexity libtiff canonical CWE-476	6.5
2018-10-26	CVE-2018-15688	Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. low complexity systemd-project debian canonical redhat CWE-120	8.8
2018-10-26	CVE-2018-15687	Race Condition vulnerability in multiple products A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. local high complexity canonical systemd-project CWE-362	7.0
2018-10-26	CVE-2018-15686	Deserialization of Untrusted Data vulnerability in multiple products A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. local low complexity debian canonical systemd-project oracle CWE-502	7.8
2018-10-26	CVE-2018-18653	Improper Verification of Cryptographic Signature vulnerability in Canonical Ubuntu Linux 18.10 The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. local low complexity canonical CWE-347	7.8