Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-03-13 CVE-2018-1000085 Out-of-bounds Read vulnerability in multiple products
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains..
4.3
2018-03-13 CVE-2018-8087 Missing Release of Resource after Effective Lifetime vulnerability in Linux Kernel
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.
local
low complexity
linux debian canonical CWE-772
4.9
2018-03-13 CVE-2018-1000097 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code.
6.8
2018-03-12 CVE-2016-9600 NULL Pointer Dereference vulnerability in multiple products
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files.
4.3
2018-03-09 CVE-2018-7537 Incorrect Regular Expression vulnerability in multiple products
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19.
network
low complexity
canonical djangoproject debian CWE-185
5.0
2018-03-09 CVE-2018-7536 Incorrect Regular Expression vulnerability in multiple products
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19.
network
low complexity
canonical djangoproject debian redhat CWE-185
5.3
2018-03-09 CVE-2018-7995 Race Condition vulnerability in multiple products
Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck<cpu number> directory.
local
high complexity
linux canonical debian CWE-362
4.7
2018-03-09 CVE-2018-1071 Stack-based Buffer Overflow vulnerability in multiple products
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function.
local
low complexity
zsh debian canonical redhat CWE-121
5.5
2018-03-07 CVE-2018-7752 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.
6.8
2018-03-07 CVE-2018-7740 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.
local
low complexity
linux redhat canonical debian CWE-119
4.9