CVEdetails.com the ultimate security vulnerability data source

Canonical » Ubuntu Linux » 18.04 LTS: Security Vulnerabilities

CPE Name: cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
601 CVE-2018-1100 119 Exec Code Overflow 2018-04-11 2019-10-09
7.2
None Local Low Not required Complete Complete Complete
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
602 CVE-2018-1084 190 Overflow 2018-04-12 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
603 CVE-2018-1061 DoS 2018-06-19 2019-10-02
5.0
None Remote Low Not required None None Partial
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
604 CVE-2018-1060 DoS 2018-06-18 2019-10-02
5.0
None Remote Low Not required None None Partial
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
605 CVE-2018-1059 200 +Info 2018-04-24 2018-08-21
2.9
None Local Network Medium Not required Partial None None
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.
606 CVE-2018-0735 320 2018-10-29 2019-07-23
4.3
None Remote Medium Not required Partial None None
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
607 CVE-2018-0734 320 2018-10-30 2019-06-11
4.3
None Remote Medium Not required Partial None None
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
608 CVE-2018-0732 320 DoS 2018-06-12 2019-05-30
5.0
None Remote Low Not required None None Partial
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).
609 CVE-2018-0502 20 2018-09-05 2018-10-26
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
610 CVE-2018-0501 347 2018-08-20 2019-01-17
4.3
None Remote Medium Not required None Partial None
The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail.
611 CVE-2018-0500 119 Overflow 2018-07-11 2019-03-29
7.5
None Remote Low Not required Partial Partial Partial
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).
612 CVE-2018-0499 79 XSS 2018-07-02 2018-08-28
4.3
None Remote Medium Not required None Partial None
A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().
613 CVE-2018-0495 200 +Info 2018-06-13 2019-05-30
1.9
None Local Medium Not required Partial None None
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
614 CVE-2018-0494 20 2018-05-06 2018-10-31
4.3
None Remote Medium Not required None Partial None
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
615 CVE-2018-0360 190 Overflow 2018-07-16 2019-04-26
4.3
None Remote Medium Not required None None Partial
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
616 CVE-2017-1000476 400 DoS 2018-01-03 2019-05-14
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
617 CVE-2017-1000445 476 DoS 2018-01-02 2019-05-14
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.7-1 and older versions are vulnerable to a null pointer dereference in the MagickCore component, which might lead to denial of service.
618 CVE-2017-18273 835 DoS 2018-05-18 2019-10-02
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.
619 CVE-2017-18271 835 DoS 2018-05-18 2019-10-02
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.
620 CVE-2017-18267 835 DoS 2018-05-10 2019-10-02
4.3
None Remote Medium Not required None None Partial
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
621 CVE-2017-18266 74 2018-05-10 2018-06-14
6.8
None Remote Medium Not required Partial Partial Partial
The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s in this environment variable.
622 CVE-2017-18254 772 DoS 2018-03-26 2019-10-02
4.3
None Remote Medium Not required None None Partial
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allows remote attackers to cause a denial of service via a crafted file.
623 CVE-2017-18252 617 DoS 2018-03-26 2019-10-02
4.3
None Remote Medium Not required None None Partial
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.
624 CVE-2017-18251 772 DoS 2018-03-26 2019-10-02
4.3
None Remote Medium Not required None None Partial
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allows remote attackers to cause a denial of service via a crafted file.
625 CVE-2017-18029 772 DoS 2018-01-12 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows remote attackers to cause a denial of service via a crafted file.
626 CVE-2017-18028 770 DoS 2018-01-12 2019-10-02
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows remote attackers to cause a denial of service via a crafted file.
627 CVE-2017-18027 772 DoS 2018-01-12 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows remote attackers to cause a denial of service via a crafted file.
628 CVE-2017-18022 772 2018-01-05 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
629 CVE-2017-18008 772 2018-01-01 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
630 CVE-2017-17934 772 2017-12-27 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
631 CVE-2017-17914 834 DoS 2017-12-27 2019-10-02
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
632 CVE-2017-17887 772 DoS 2017-12-27 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.
633 CVE-2017-17886 772 DoS 2017-12-27 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.
634 CVE-2017-17885 772 DoS 2017-12-27 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
635 CVE-2017-17884 772 DoS 2017-12-27 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
636 CVE-2017-17882 772 DoS 2017-12-27 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
637 CVE-2017-17881 772 DoS 2017-12-27 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
638 CVE-2017-17879 125 2017-12-27 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
639 CVE-2017-17682 400 DoS 2017-12-14 2019-05-14
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.
640 CVE-2017-17681 835 DoS 2017-12-14 2019-10-02
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
641 CVE-2017-17680 772 DoS 2017-12-14 2019-10-02
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
642 CVE-2017-17669 125 DoS 2017-12-13 2019-10-02
4.3
None Remote Medium Not required None None Partial
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
643 CVE-2017-17504 125 2017-12-10 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
644 CVE-2017-17499 416 2017-12-10 2019-04-16
7.5
None Remote Low Not required Partial Partial Partial
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
645 CVE-2017-16546 119 DoS Overflow 2017-11-05 2019-04-16
6.8
None Remote Medium Not required Partial Partial Partial
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.
646 CVE-2017-15715 20 2018-03-26 2019-08-15
6.8
None Remote Medium Not required Partial Partial Partial
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are externally blocked, but only by matching the trailing portion of the filename.
647 CVE-2017-15710 787 DoS 2018-03-26 2019-08-15
5.0
None Remote Low Not required None None Partial
In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.
648 CVE-2017-15705 20 DoS 2018-09-17 2018-12-16
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly, leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we set up an object and hook into the begin and end tag event handlers. In both cases, the "open" event is immediately followed by a "close" event - even if the tag *does not* close in the HTML being parsed. Because of this, we are missing the "text" event to deal with the object normally. This can cause carefully crafted emails that might take more scan time than expected, leading to a Denial of Service. The issue is possibly a bug or design decision in HTML::Parser that specifically impacts the way Apache SpamAssassin uses the module with poorly formed HTML. The exploit has been seen in the wild but not believed to have been purposefully part of a Denial of Service attempt. We are concerned that there may be attempts to abuse the vulnerability in the future.
649 CVE-2017-15281 119 DoS Overflow 2017-10-12 2019-05-14
6.8
None Remote Medium Not required Partial Partial Partial
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."
650 CVE-2017-15218 772 2017-10-10 2019-10-02
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
Total number of vulnerabilities: 686 (page 13 of 14)