Filtered by vendor Canonical
Subscriptions
Filtered by product Ubuntu Linux
Subscriptions
Total
4171 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-18273 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. | ||||
| CVE-2017-18271 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | ||||
| CVE-2017-18267 | 4 Canonical, Debian, Freedesktop and 1 more | 8 Ubuntu Linux, Debian Linux, Poppler and 5 more | 2024-11-21 | N/A |
| The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops. | ||||
| CVE-2017-18266 | 3 Canonical, Debian, Freedesktop | 3 Ubuntu Linux, Debian Linux, Xdg-utils | 2024-11-21 | N/A |
| The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s in this environment variable. | ||||
| CVE-2017-18254 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-18252 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file. | ||||
| CVE-2017-18251 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-18241 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | N/A |
| fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure. | ||||
| CVE-2017-18236 | 4 Canonical, Debian, Exempi Project and 1 more | 4 Ubuntu Linux, Debian Linux, Exempi and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file. | ||||
| CVE-2017-18234 | 4 Canonical, Debian, Exempi Project and 1 more | 4 Ubuntu Linux, Debian Linux, Exempi and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp. | ||||
| CVE-2017-18233 | 4 Canonical, Debian, Exempi Project and 1 more | 4 Ubuntu Linux, Debian Linux, Exempi and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file. | ||||
| CVE-2017-18211 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel. | ||||
| CVE-2017-18209 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-11-21 | N/A |
| In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory. | ||||
| CVE-2017-18206 | 3 Canonical, Redhat, Zsh | 3 Ubuntu Linux, Enterprise Linux, Zsh | 2024-11-21 | N/A |
| In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. | ||||
| CVE-2017-18190 | 4 Apple, Canonical, Debian and 1 more | 4 Cups, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | N/A |
| A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1). | ||||
| CVE-2017-18079 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 7.8 High |
| drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated. | ||||
| CVE-2017-18075 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 7.8 High |
| crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. | ||||
| CVE-2017-18043 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2024-11-21 | N/A |
| Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash). | ||||
| CVE-2017-18029 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-18028 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. | ||||