Vulnerabilities > Canonical > Ubuntu Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-26 | CVE-2018-1302 | NULL Pointer Dereference vulnerability in multiple products When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. | 5.9 |
| 2018-03-26 | CVE-2018-1301 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. | 5.9 |
| 2018-03-26 | CVE-2018-1283 | In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. | 5.3 |
| 2018-03-21 | CVE-2017-18241 | NULL Pointer Dereference vulnerability in multiple products fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure. | 5.5 |
| 2018-03-16 | CVE-2018-1068 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. | 6.7 |
| 2018-03-15 | CVE-2017-18236 | Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. | 5.5 |
| 2018-03-15 | CVE-2017-18233 | Infinite Loop vulnerability in multiple products An issue was discovered in Exempi before 2.4.4. | 5.5 |
| 2018-03-13 | CVE-2018-1050 | NULL Pointer Dereference vulnerability in multiple products All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. | 4.3 |
| 2018-03-13 | CVE-2018-1000085 | Out-of-bounds Read vulnerability in multiple products ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. | 5.5 |
| 2018-03-13 | CVE-2018-8087 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case. | 5.5 |