Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-06	CVE-2018-16642	Out-of-bounds Write vulnerability in multiple products The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write. network low complexity imagemagick debian canonical CWE-787	6.5
2018-09-06	CVE-2018-16640	Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. network low complexity imagemagick canonical CWE-772	6.5
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-09-06	CVE-2018-16585	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Artifex Ghostscript before 9.24. local low complexity artifex canonical debian CWE-119	7.8
2018-09-05	CVE-2018-14618	Integer Overflow or Wraparound vulnerability in multiple products curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. network low complexity haxx canonical debian redhat CWE-190 critical	9.8
2018-09-05	CVE-2018-16543	In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact. local low complexity artifex canonical debian	7.8
2018-09-05	CVE-2018-16542	Out-of-bounds Write vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. local low complexity artifex redhat debian canonical CWE-787	5.5
2018-09-05	CVE-2018-16541	Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. local low complexity artifex canonical debian redhat CWE-416	5.5
2018-09-05	CVE-2018-16540	Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. local low complexity artifex redhat debian canonical CWE-416	7.8
2018-09-05	CVE-2018-16539	Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. local low complexity artifex canonical debian redhat CWE-200	5.5