Vulnerabilities > Canonical > Ubuntu Linux > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-24 | CVE-2017-11591 | There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | 7.5 |
2017-07-21 | CVE-2015-5300 | 7PK - Time and State vulnerability in multiple products The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart). | 7.5 |
2017-07-21 | CVE-2015-5219 | Incorrect Type Conversion or Cast vulnerability in multiple products The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. | 7.5 |
2017-07-21 | CVE-2015-5195 | Improper Input Validation vulnerability in multiple products ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. | 7.5 |
2017-07-21 | CVE-2015-5194 | Improper Input Validation vulnerability in multiple products The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. | 7.5 |
2017-07-20 | CVE-2017-11473 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. | 7.8 |
2017-07-17 | CVE-2017-1000050 | NULL Pointer Dereference vulnerability in multiple products JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service. | 7.5 |
2017-07-08 | CVE-2017-11111 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | 7.8 |
2017-06-29 | CVE-2017-10686 | Use After Free vulnerability in multiple products In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. | 7.8 |
2017-06-28 | CVE-2017-9985 | Out-of-bounds Read vulnerability in multiple products The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability. | 7.8 |