Vulnerabilities > Canonical > Ubuntu Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-24 | CVE-2018-1000300 | Out-of-bounds Write vulnerability in multiple products curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. | 7.5 |
| 2018-05-24 | CVE-2018-11410 | Use After Free vulnerability in multiple products An issue was discovered in Liblouis 3.5.0. | 7.5 |
| 2018-05-23 | CVE-2018-1123 | Heap-based Buffer Overflow vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. | 7.5 |
| 2018-05-23 | CVE-2018-1126 | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. | 7.5 |
| 2018-05-18 | CVE-2017-18273 | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. | 7.1 |
| 2018-05-18 | CVE-2017-18271 | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | 7.1 |
| 2018-05-08 | CVE-2018-8897 | Race Condition vulnerability in multiple products A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. | 7.2 |
| 2018-05-02 | CVE-2018-10675 | Use After Free vulnerability in multiple products The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. | 7.8 |
| 2018-05-01 | CVE-2018-10583 | Information Exposure vulnerability in multiple products An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. | 7.5 |
| 2018-04-23 | CVE-2018-8781 | Integer Overflow or Wraparound vulnerability in multiple products The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. | 7.8 |