Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-06-08 CVE-2018-4199 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An issue was discovered in certain Apple products.
6.8
2018-06-08 CVE-2018-4190 Insufficiently Protected Credentials vulnerability in Apple products
An issue was discovered in certain Apple products.
4.3
2018-06-07 CVE-2018-12015 Link Following vulnerability in multiple products
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
network
low complexity
canonical debian perl archive apple netapp CWE-59
6.4
2018-06-04 CVE-2018-11685 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
6.8
2018-06-04 CVE-2018-11684 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
6.8
2018-06-04 CVE-2018-11683 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
6.8
2018-06-01 CVE-2018-11656 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
4.3
2018-06-01 CVE-2018-11655 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
4.3
2018-05-31 CVE-2018-11625 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
6.8
2018-05-31 CVE-2018-5388 Out-of-bounds Write vulnerability in multiple products
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
network
low complexity
strongswan debian canonical CWE-787
6.5