Vulnerabilities > Canonical > Ubuntu Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-10-03 CVE-2017-14492 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
network
low complexity
redhat debian canonical thekelleys CWE-119
critical
 9.8
9.8
2017-10-03 CVE-2017-14493 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
network
low complexity
redhat debian canonical opensuse thekelleys CWE-119
critical
 9.8
9.8
2017-09-21 CVE-2017-14632 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
network
low complexity
xiph-org debian canonical CWE-119
critical
 9.8
9.8
2017-09-21 CVE-2017-14624 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8
2017-09-21 CVE-2017-14625 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8
2017-09-21 CVE-2017-14626 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8
2017-09-18 CVE-2017-14532 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
network
low complexity
imagemagick canonical CWE-476
critical
 9.8
9.8
2017-08-31 CVE-2017-14064 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call.
network
low complexity
ruby-lang debian canonical redhat CWE-119
critical
 9.8
9.8
2017-08-23 CVE-2017-13139 Out-of-bounds Read vulnerability in multiple products
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
network
low complexity
imagemagick debian canonical CWE-125
critical
 9.8
9.8
2017-08-10 CVE-2016-5018 In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.
network
low complexity
apache netapp canonical debian redhat oracle
critical
 9.1
9.1