Filtered by vendor Canonical
Subscribe
Total
4214 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18312 | 5 Canonical, Debian, Netapp and 2 more | 8 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 5 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||||
| CVE-2018-1302 | 3 Apache, Canonical, Netapp | 6 Http Server, Ubuntu Linux, Clustered Data Ontap and 3 more | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk. | |||||
| CVE-2018-18849 | 4 Canonical, Fedoraproject, Opensuse and 1 more | 4 Ubuntu Linux, Fedora, Leap and 1 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. | |||||
| CVE-2018-19841 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. | |||||
| CVE-2018-1100 | 3 Canonical, Redhat, Zsh | 5 Ubuntu Linux, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user. | |||||
| CVE-2018-18313 | 6 Apple, Canonical, Debian and 3 more | 9 Mac Os X, Ubuntu Linux, Debian Linux and 6 more | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | |||||
| CVE-2018-19364 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. | |||||
| CVE-2018-19475 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. | |||||
| CVE-2018-18284 | 5 Artifex, Canonical, Debian and 2 more | 11 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 8 more | 2023-11-07 | 6.8 MEDIUM | 8.6 HIGH |
| Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. | |||||
| CVE-2018-1301 | 5 Apache, Canonical, Debian and 2 more | 8 Http Server, Ubuntu Linux, Debian Linux and 5 more | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage. | |||||
| CVE-2018-19840 | 4 Canonical, Fedoraproject, Opensuse and 1 more | 4 Ubuntu Linux, Fedora, Leap and 1 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero. | |||||
| CVE-2018-17972 | 4 Canonical, Debian, Linux and 1 more | 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more | 2023-11-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. | |||||
| CVE-2018-17466 | 4 Canonical, Debian, Google and 1 more | 9 Ubuntu Linux, Debian Linux, Chrome and 6 more | 2023-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2018-17961 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2023-11-07 | 6.8 MEDIUM | 8.6 HIGH |
| Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. | |||||
| CVE-2018-17183 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. | |||||
| CVE-2018-17189 | 7 Apache, Canonical, Debian and 4 more | 13 Http Server, Ubuntu Linux, Debian Linux and 10 more | 2023-11-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections. | |||||
| CVE-2018-17540 | 3 Canonical, Debian, Strongswan | 3 Ubuntu Linux, Debian Linux, Strongswan | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. | |||||
| CVE-2018-18073 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2023-11-07 | 4.3 MEDIUM | 6.3 MEDIUM |
| Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. | |||||
| CVE-2018-17199 | 5 Apache, Canonical, Debian and 2 more | 6 Http Server, Ubuntu Linux, Debian Linux and 3 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded. | |||||
| CVE-2018-16878 | 6 Canonical, Clusterlabs, Debian and 3 more | 9 Ubuntu Linux, Pacemaker, Debian Linux and 6 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS | |||||