Vulnerabilities > Canonical > Ubuntu Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-14 | CVE-2017-15298 | Resource Exhaustion vulnerability in multiple products Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. | 5.5 |
2017-10-10 | CVE-2017-15218 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c. | 6.5 |
2017-10-10 | CVE-2017-15217 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. | 6.5 |
2017-10-10 | CVE-2014-9092 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker. | 6.5 |
2017-10-03 | CVE-2017-14494 | Information Exposure vulnerability in multiple products dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. | 5.9 |
2017-09-29 | CVE-2017-14864 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. | 5.5 |
2017-09-29 | CVE-2017-14862 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. | 5.5 |
2017-09-29 | CVE-2017-14859 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. | 5.5 |
2017-09-21 | CVE-2017-12153 | NULL Pointer Dereference vulnerability in multiple products A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. | 4.4 |
2017-09-21 | CVE-2017-14633 | Out-of-bounds Read vulnerability in multiple products In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). | 6.5 |