Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-10-14 CVE-2017-15298 Resource Exhaustion vulnerability in Git-Scm GIT
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb.
4.3
2017-10-12 CVE-2017-15281 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."
6.8
2017-10-11 CVE-2017-2888 Integer Overflow or Wraparound vulnerability in multiple products
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5.
6.8
2017-10-10 CVE-2017-15218 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
4.3
2017-10-10 CVE-2017-15217 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
4.3
2017-10-10 CVE-2014-9092 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
4.3
2017-10-05 CVE-2017-15033 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
network
low complexity
imagemagick canonical CWE-772
5.0
2017-10-05 CVE-2017-15017 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
6.8
2017-10-05 CVE-2017-15016 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
6.8
2017-10-05 CVE-2017-15015 NULL Pointer Dereference vulnerability in multiple products
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
6.8