Vulnerabilities > Canonical > Ubuntu Linux > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-05 | CVE-2017-15016 | NULL Pointer Dereference vulnerability in multiple products ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c. | 8.8 |
2017-10-05 | CVE-2017-15015 | NULL Pointer Dereference vulnerability in multiple products ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c. | 8.8 |
2017-10-04 | CVE-2017-12617 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. | 8.1 |
2017-10-03 | CVE-2017-14496 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. | 7.5 |
2017-10-03 | CVE-2017-14495 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. | 7.5 |
2017-10-03 | CVE-2017-13704 | Improper Input Validation vulnerability in multiple products In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. | 7.5 |
2017-09-20 | CVE-2017-14607 | Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. | 8.1 |
2017-09-20 | CVE-2015-1329 | Use After Free vulnerability in Canonical Ubuntu Linux 14.04/15.04 Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15.04 and 14.04 LTS might allow remote attackers to execute arbitrary code. | 8.8 |
2017-09-07 | CVE-2017-6362 | Double Free vulnerability in multiple products Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. | 7.5 |
2017-08-31 | CVE-2017-0902 | Origin Validation Error vulnerability in multiple products RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls. | 8.1 |