Vulnerabilities > Canonical > Ubuntu Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-17 | CVE-2018-14350 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. | 7.5 |
| 2018-07-17 | CVE-2018-14349 | Improper Input Validation vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. | 7.5 |
| 2018-07-11 | CVE-2018-0500 | Out-of-bounds Write vulnerability in multiple products Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value). | 7.5 |
| 2018-07-06 | CVE-2018-13406 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. | 7.8 |
| 2018-07-06 | CVE-2018-13405 | Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. | 7.8 |
| 2018-07-01 | CVE-2018-13043 | Code Injection vulnerability in multiple products scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing. | 7.5 |
| 2018-06-29 | CVE-2018-13006 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in MP4Box in GPAC 0.7.1. | 7.5 |
| 2018-06-29 | CVE-2018-13005 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in MP4Box in GPAC 0.7.1. | 7.5 |
| 2018-06-28 | CVE-2018-12931 | Out-of-bounds Write vulnerability in multiple products ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. | 7.2 |
| 2018-06-28 | CVE-2018-12930 | Out-of-bounds Write vulnerability in multiple products ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. | 7.2 |