Vulnerabilities > Canonical > Ubuntu Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-04 | CVE-2017-12617 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. | 8.1 |
| 2017-10-03 | CVE-2017-14496 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. | 7.5 |
| 2017-10-03 | CVE-2017-14495 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. | 7.5 |
| 2017-10-03 | CVE-2017-14494 | Information Exposure vulnerability in multiple products dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. | 5.9 |
| 2017-10-03 | CVE-2017-14493 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. | 9.8 |
| 2017-10-03 | CVE-2017-14492 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. | 9.8 |
| 2017-10-03 | CVE-2017-13704 | Improper Input Validation vulnerability in multiple products In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. | 7.5 |
| 2017-09-29 | CVE-2017-14864 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. | 5.5 |
| 2017-09-29 | CVE-2017-14862 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. | 5.5 |
| 2017-09-29 | CVE-2017-14859 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. | 5.5 |