Vulnerabilities > Canonical > Ubuntu Linux > High

DATE CVE VULNERABILITY TITLE RISK
2018-04-03 CVE-2018-4088 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical CWE-119
8.8
2018-04-03 CVE-2017-7165 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical CWE-119
8.8
2018-04-03 CVE-2017-7161 Command Injection vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical CWE-77
8.8
2018-04-03 CVE-2017-13885 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical CWE-119
8.8
2018-04-03 CVE-2017-13884 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical CWE-119
8.8
2018-03-30 CVE-2018-7566 Race Condition vulnerability in multiple products
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
local
low complexity
linux suse canonical debian redhat oracle CWE-362
7.8
2018-03-28 CVE-2018-8885 Race Condition vulnerability in Canonical Screen-Resolution-Extra and Ubuntu Linux
screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call.
local
high complexity
canonical CWE-362
7.0
2018-03-28 CVE-2018-1083 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality.
local
low complexity
zsh canonical debian redhat CWE-119
7.8
2018-03-26 CVE-2018-1303 Out-of-bounds Read vulnerability in multiple products
A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory.
network
low complexity
apache debian canonical netapp CWE-125
7.5
2018-03-26 CVE-2017-15715 Improper Input Validation vulnerability in multiple products
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename.
network
high complexity
apache debian canonical netapp redhat CWE-20
8.1