Vulnerabilities > Canonical > Ubuntu Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-04-19 CVE-2018-2826 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries).
network
high complexity
oracle canonical netapp
8.3
2018-04-19 CVE-2018-2825 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries).
network
high complexity
oracle canonical netapp
8.3
2018-04-19 CVE-2018-2814 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). 8.3
2018-04-19 CVE-2018-2794 Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). 7.7
2018-04-19 CVE-2018-2783 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle redhat canonical hp
7.4
2018-04-18 CVE-2018-10194 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
local
low complexity
artifex canonical debian redhat CWE-119
7.8
2018-04-17 CVE-2018-6913 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.
network
low complexity
debian perl canonical CWE-787
7.5
2018-04-17 CVE-2018-6797 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Perl 5.18 through 5.26.
network
low complexity
debian perl canonical redhat CWE-787
7.5
2018-04-16 CVE-2018-10120 Improper Validation of Array Index vulnerability in multiple products
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
local
low complexity
debian libreoffice redhat canonical CWE-129
7.8
2018-04-16 CVE-2018-10119 Use After Free vulnerability in multiple products
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.
local
low complexity
libreoffice debian redhat canonical CWE-416
7.8