Vulnerabilities > Canonical > Ubuntu Linux > High

DATE CVE VULNERABILITY TITLE RISK
2017-11-07 CVE-2017-16642 Out-of-bounds Read vulnerability in multiple products
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function.
network
low complexity
php debian canonical netapp CWE-125
7.5
2017-11-06 CVE-2015-7529 Link Following vulnerability in multiple products
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.
local
low complexity
sos-project canonical redhat CWE-59
7.8
2017-11-05 CVE-2017-16546 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.
network
low complexity
imagemagick debian canonical CWE-119
8.8
2017-11-04 CVE-2017-16526 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device.
local
low complexity
linux canonical debian CWE-119
7.8
2017-10-26 CVE-2017-15908 Infinite Loop vulnerability in multiple products
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.
network
low complexity
systemd-project canonical CWE-835
7.5
2017-10-17 CVE-2017-13082 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
8.1
2017-10-12 CVE-2017-15281 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."
network
low complexity
imagemagick canonical CWE-119
8.8
2017-10-11 CVE-2017-2888 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5.
network
low complexity
libsdl canonical debian CWE-190
8.8
2017-10-05 CVE-2017-15033 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
network
low complexity
imagemagick canonical CWE-772
7.5
2017-10-05 CVE-2017-15017 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
network
low complexity
imagemagick canonical CWE-476
8.8