Vulnerabilities > Canonical > Ubuntu Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-04 | CVE-2018-16428 | NULL Pointer Dereference vulnerability in multiple products In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. | 9.8 |
| 2018-09-03 | CVE-2018-16402 | Double Free vulnerability in multiple products libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. | 9.8 |
| 2018-09-02 | CVE-2018-16336 | Out-of-bounds Read vulnerability in multiple products Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999. | 6.5 |
| 2018-09-01 | CVE-2018-16323 | Information Exposure vulnerability in multiple products ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. | 6.5 |
| 2018-08-31 | CVE-2018-16276 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. | 7.8 |
| 2018-08-30 | CVE-2018-14622 | Unchecked Return Value vulnerability in multiple products A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. | 7.5 |
| 2018-08-30 | CVE-2018-16140 | Out-of-bounds Write vulnerability in multiple products A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file. | 7.8 |
| 2018-08-29 | CVE-2018-16062 | Out-of-bounds Read vulnerability in multiple products dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | 5.5 |
| 2018-08-28 | CVE-2017-15422 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 6.5 |
| 2018-08-28 | CVE-2018-15911 | Use of Uninitialized Resource vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. | 7.8 |