Vulnerabilities > Canonical > Ubuntu Linux

DATE CVE VULNERABILITY TITLE RISK
2018-04-29 CVE-2018-10549 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-125
8.8
8.8
2018-04-29 CVE-2018-10548 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-476
7.5
7.5
2018-04-29 CVE-2018-10547 Cross-site Scripting vulnerability in multiple products
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-79
6.1
6.1
2018-04-29 CVE-2018-10546 Infinite Loop vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-835
7.5
7.5
2018-04-29 CVE-2018-10545 Information Exposure vulnerability in multiple products
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4.
local
high complexity
php canonical debian netapp CWE-200
4.7
4.7
2018-04-29 CVE-2018-10529 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in LibRaw 0.18.9.
network
low complexity
canonical libraw CWE-125
8.8
8.8
2018-04-29 CVE-2018-10528 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in LibRaw 0.18.9.
network
low complexity
canonical libraw CWE-787
8.8
8.8
2018-04-24 CVE-2018-1059 Information Exposure vulnerability in multiple products
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations.
high complexity
canonical redhat dpdk CWE-200
6.1
6.1
2018-04-24 CVE-2018-10323 NULL Pointer Dereference vulnerability in multiple products
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.
local
low complexity
linux canonical debian CWE-476
5.5
5.5
2018-04-23 CVE-2018-1106 Improper Authentication vulnerability in multiple products
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. 		5.5
5.5