Vulnerabilities > Canonical > Ubuntu Linux > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-04-03 | CVE-2018-4088 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. | 8.8 |
2018-04-03 | CVE-2017-7165 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. | 8.8 |
2018-04-03 | CVE-2017-7161 | Command Injection vulnerability in multiple products An issue was discovered in certain Apple products. | 8.8 |
2018-04-03 | CVE-2017-13885 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. | 8.8 |
2018-04-03 | CVE-2017-13884 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. | 8.8 |
2018-03-30 | CVE-2018-7566 | Race Condition vulnerability in multiple products The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | 7.8 |
2018-03-28 | CVE-2018-8885 | Race Condition vulnerability in Canonical Screen-Resolution-Extra and Ubuntu Linux screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call. | 7.0 |
2018-03-28 | CVE-2018-1083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. | 7.8 |
2018-03-26 | CVE-2018-1303 | Out-of-bounds Read vulnerability in multiple products A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. | 7.5 |
2018-03-26 | CVE-2017-15715 | Improper Input Validation vulnerability in multiple products In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. | 8.1 |