Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-05-06 CVE-2018-0494 Improper Input Validation vulnerability in multiple products
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
4.3
2018-04-29 CVE-2018-10549 Out-of-bounds Read vulnerability in PHP
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
6.8
2018-04-29 CVE-2018-10548 NULL Pointer Dereference vulnerability in PHP
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-476
5.0
2018-04-29 CVE-2018-10547 Cross-site Scripting vulnerability in PHP
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
4.3
2018-04-29 CVE-2018-10546 Infinite Loop vulnerability in PHP
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-835
5.0
2018-04-29 CVE-2018-10529 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in LibRaw 0.18.9.
6.8
2018-04-29 CVE-2018-10528 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in LibRaw 0.18.9.
6.8
2018-04-24 CVE-2018-10323 NULL Pointer Dereference vulnerability in multiple products
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.
local
low complexity
linux canonical debian CWE-476
4.9
2018-04-19 CVE-2018-2846 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema).
network
low complexity
oracle canonical netapp
4.0
2018-04-19 CVE-2018-2839 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle canonical netapp
4.0