Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-03 CVE-2018-4117 Information Exposure vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk canonical redhat debian CWE-200
6.5
6.5
2018-04-03 CVE-2018-4113 Reachable Assertion vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk canonical CWE-617
6.5
6.5
2018-04-03 CVE-2017-7153 Open Redirect vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical CWE-601
6.1
6.1
2018-04-02 CVE-2018-1094 NULL Pointer Dereference vulnerability in multiple products
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.
local
low complexity
linux redhat canonical CWE-476
5.5
5.5
2018-03-30 CVE-2018-9133 Excessive Iteration vulnerability in multiple products
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file.
network
low complexity
imagemagick canonical CWE-834
6.5
6.5
2018-03-27 CVE-2018-0739 Uncontrolled Recursion vulnerability in multiple products
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion.
network
low complexity
openssl debian canonical CWE-674
6.5
6.5
2018-03-27 CVE-2018-0202 Out-of-bounds Read vulnerability in multiple products
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
local
low complexity
clamav canonical debian CWE-125
5.5
5.5
2018-03-27 CVE-2017-18254 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in ImageMagick 7.0.7.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2018-03-27 CVE-2017-18252 Reachable Assertion vulnerability in multiple products
An issue was discovered in ImageMagick 7.0.7.
network
low complexity
imagemagick canonical CWE-617
6.5
6.5
2018-03-27 CVE-2017-18251 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in ImageMagick 7.0.7.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5