Vulnerabilities > Canonical > Ubuntu Linux

DATE CVE VULNERABILITY TITLE RISK
2018-10-17 CVE-2018-3143 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical debian mariadb
6.5
6.5
2018-10-17 CVE-2018-3139 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian canonical hp
3.1
3.1
2018-10-17 CVE-2018-3136 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle redhat debian canonical hp
3.4
3.4
2018-10-17 CVE-2018-3133 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser).
network
low complexity
oracle netapp canonical debian mariadb
6.5
6.5
2018-10-16 CVE-2018-10839 Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue.
network
low complexity
qemu canonical debian
6.5
6.5
2018-10-15 CVE-2017-5934 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
moinmo debian canonical opensuse CWE-79
6.1
6.1
2018-10-15 CVE-2018-15378 Out-of-bounds Read vulnerability in multiple products
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition.
local
low complexity
clamav debian canonical CWE-125
5.5
5.5
2018-10-15 CVE-2018-18073 Information Exposure vulnerability in multiple products
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
local
low complexity
artifex debian canonical redhat CWE-200
6.3
6.3
2018-10-15 CVE-2018-17961 Information Exposure Through an Error Message vulnerability in multiple products
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup.
local
low complexity
artifex debian canonical redhat CWE-209
8.6
8.6
2018-10-15 CVE-2018-18310 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. 		5.5
5.5