Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu ubuntu 17.10 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-6951
An issue exists in GNU patch up to and including 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.
Gnu Patch
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2018-5101
A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.
Mozilla Firefox
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
7.5
CVSSv2
CVE-2016-10714
In zsh prior to 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.
Zsh Zsh
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
6.8
CVSSv2
CVE-2017-16909
An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions before 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.
Libraw Libraw
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2017-16910
An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.
Libraw Libraw
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5
CVSSv2
CVE-2016-10712
In PHP prior to 5.5.32, 5.6.x prior to 5.6.18, and 7.x prior to 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))[...
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
7.5
CVSSv2
CVE-2018-13043
scripts/grep-excuses.pl in Debian devscripts up to and including 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
Debian Devscripts
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
6.8
CVSSv2
CVE-2017-7161
An issue exists in certain Apple products. Safari prior to 11.0.2 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote malicious users to execute arbitrary code via special characters that trigger command injection.
Apple Safari
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
5
CVSSv2
CVE-2018-6196
w3m up to and including 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value.
Tats W3m
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
10
CVSSv2
CVE-2018-5151
Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 60.
Mozilla Firefox
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »