Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-02-19	CVE-2018-7225	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibVNCServer through 0.9.11. network low complexity libvncserver-project debian canonical redhat CWE-190 critical	9.8
2018-02-19	CVE-2018-5381	Infinite Loop vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. network low complexity quagga canonical debian siemens CWE-835	7.5
2018-02-19	CVE-2018-5380	Out-of-bounds Read vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. network low complexity quagga debian canonical siemens CWE-125	4.3
2018-02-19	CVE-2018-5379	Double Free vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. network low complexity quagga debian canonical redhat siemens CWE-415 critical	9.8
2018-02-19	CVE-2018-5378	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. network high complexity quagga debian canonical CWE-119	5.9
2018-02-16	CVE-2018-1049	Race Condition vulnerability in multiple products In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. network high complexity systemd-project redhat canonical debian CWE-362	5.9
2018-02-16	CVE-2017-18190	Authentication Bypass by Spoofing vulnerability in multiple products A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. network low complexity apple debian canonical CWE-290	7.5
2018-02-15	CVE-2018-7054	Use After Free vulnerability in multiple products An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. network low complexity irssi canonical debian CWE-416 critical	9.8
2018-02-15	CVE-2018-7053	Use After Free vulnerability in multiple products An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. network low complexity irssi debian canonical CWE-416 critical	9.8
2018-02-15	CVE-2018-7052	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. network low complexity irssi canonical debian CWE-476	7.5