Vulnerabilities > Canonical > Ubuntu Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-07-27 CVE-2017-15118 Out-of-bounds Write vulnerability in multiple products
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process.
network
low complexity
qemu redhat canonical CWE-787
critical
 9.8
9.8
2018-07-23 CVE-2018-14551 Use of Uninitialized Resource vulnerability in multiple products
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
network
low complexity
imagemagick canonical CWE-908
critical
 9.8
9.8
2018-07-20 CVE-2016-10727 Information Exposure vulnerability in multiple products
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
network
low complexity
canonical gnome CWE-200
critical
 9.8
9.8
2018-07-19 CVE-2017-7481 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe.
network
low complexity
redhat canonical debian
critical
 9.8
9.8
2018-07-19 CVE-2018-12911 Out-of-bounds Write vulnerability in multiple products
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.
network
low complexity
webkitgtk canonical CWE-787
critical
 9.8
9.8
2018-07-17 CVE-2018-14349 Improper Input Validation vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
debian mutt neomutt canonical CWE-20
critical
 9.8
9.8
2018-07-17 CVE-2018-14350 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt debian canonical CWE-787
critical
 9.8
9.8
2018-07-17 CVE-2018-14351 Improper Input Validation vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-20
critical
 9.8
9.8
2018-07-17 CVE-2018-14352 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-787
critical
 9.8
9.8
2018-07-17 CVE-2018-14353 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16.
network
low complexity
mutt neomutt canonical debian CWE-191
critical
 9.8
9.8