Vulnerabilities (CVE)

Vendor filter: Canonical

Product filter: Ubuntu Linux

1888 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-2422 4 Oracle, Netapp, Canonical and 1 more 12 Jdk, Jre, Oncommand Unified Manager and 9 more 2019-03-25 4.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated...
CVE-2018-11212 6 Ijg, Netapp, Oracle and 3 more 11 Libjpeg, Oncommand Unified Manager, Oncommand Workflow Automation and 8 more 2019-03-25 4.3
An issue was discovered in libjpeg 9a. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
CVE-2017-18254 2 Imagemagick, Canonical 2 Imagemagick, Ubuntu Linux 2019-03-25 4.3
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allows remote attackers to cause a denial of service via a crafted file.
CVE-2018-16890 4 Haxx, Canonical, Debian and 1 more 4 Libcurl, Ubuntu Linux, Debian Linux and 1 more 2019-03-25 5.0
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is...
CVE-2017-18251 2 Imagemagick, Canonical 2 Imagemagick, Ubuntu Linux 2019-03-25 4.3
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allows remote attackers to cause a denial of service via a crafted file.
CVE-2018-1058 3 Postgresql, Redhat, Canonical 3 Postgresql, Cloudforms, Ubuntu Linux 2019-03-25 6.5
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through...
CVE-2017-18209 2 Imagemagick, Canonical 2 Imagemagick, Ubuntu Linux 2019-03-25 6.8
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
CVE-2018-7550 4 Qemu, Redhat, Canonical and 1 more 10 Qemu, Virtualization, Ubuntu Linux and 7 more 2019-03-25 4.6
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read...
CVE-2018-1000007 4 Haxx, Debian, Canonical and 1 more 6 Curl, Debian Linux, Ubuntu Linux and 3 more 2019-03-25 5.0
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to...
CVE-2018-1000005 3 Haxx, Debian, Canonical 3 Libcurl, Debian Linux, Ubuntu Linux 2019-03-25 6.4
libcurl 7.49.0 to and including 7.57.0 contains an out-of-bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was...
CVE-2017-18022 2 Imagemagick, Canonical 2 Imagemagick, Ubuntu Linux 2019-03-25 4.3
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
CVE-2016-4578 6 Linux, Canonical, Novell and 3 more 19 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 16 more 2019-03-25 2.1
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1)...
CVE-2017-9117 2 Libtiff, Canonical 2 Libtiff, Ubuntu Linux 2019-03-25 7.5
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.
CVE-2018-3060 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-03-25 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
CVE-2018-3061 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-03-25 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
CVE-2018-3056 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-03-25 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged...
CVE-2016-1840 6 Debian, Apple, Canonical and 3 more 15 Ubuntu Linux, Debian Linux, Iphone Os and 12 more 2019-03-25 6.8
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or...
CVE-2016-1839 6 Debian, Apple, Canonical and 3 more 15 Ubuntu Linux, Debian Linux, Iphone Os and 12 more 2019-03-25 4.3
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a...
CVE-2016-1838 6 Debian, Apple, Canonical and 3 more 15 Ubuntu Linux, Debian Linux, Iphone Os and 12 more 2019-03-25 4.3
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer...
CVE-2016-1837 6 Debian, Apple, Canonical and 3 more 15 Ubuntu Linux, Debian Linux, Iphone Os and 12 more 2019-03-25 4.3
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow...