Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Filtered by product Ubuntu Linux
Total 4150 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16542 4 Artifex, Canonical, Debian and 1 more 8 Ghostscript, Ubuntu Linux, Debian Linux and 5 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
CVE-2018-16541 4 Artifex, Canonical, Debian and 1 more 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.
CVE-2018-16540 4 Artifex, Canonical, Debian and 1 more 11 Ghostscript, Ubuntu Linux, Debian Linux and 8 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
CVE-2018-16539 4 Artifex, Canonical, Debian and 1 more 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
CVE-2018-16513 4 Artifex, Canonical, Debian and 1 more 5 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
CVE-2018-16511 4 Artifex, Canonical, Debian and 1 more 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.
CVE-2018-16510 2 Artifex, Canonical 3 Ghostscript, Gpl Ghostscript, Ubuntu Linux 2024-11-21 6.8 MEDIUM 7.8 HIGH
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.
CVE-2018-16509 4 Artifex, Canonical, Debian and 1 more 8 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 5 more 2024-11-21 9.3 HIGH 7.8 HIGH
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.
CVE-2018-16435 4 Canonical, Debian, Littlecms and 1 more 6 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 3 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
CVE-2018-16429 2 Canonical, Gnome 2 Ubuntu Linux, Glib 2024-11-21 5.0 MEDIUM 7.5 HIGH
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
CVE-2018-16428 2 Canonical, Gnome 2 Ubuntu Linux, Glib 2024-11-21 7.5 HIGH 9.8 CRITICAL
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
CVE-2018-16402 5 Canonical, Debian, Elfutils Project and 2 more 7 Ubuntu Linux, Debian Linux, Elfutils and 4 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
CVE-2018-16396 4 Canonical, Debian, Redhat and 1 more 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more 2024-11-21 6.8 MEDIUM 8.1 HIGH
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
CVE-2018-16395 4 Canonical, Debian, Redhat and 1 more 5 Ubuntu Linux, Debian Linux, Enterprise Linux and 2 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.
CVE-2018-16336 3 Canonical, Debian, Exiv2 3 Ubuntu Linux, Debian Linux, Exiv2 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.
CVE-2018-16323 2 Canonical, Imagemagick 2 Ubuntu Linux, Imagemagick 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.
CVE-2018-16276 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-11-21 7.2 HIGH 7.8 HIGH
An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.
CVE-2018-16152 3 Canonical, Debian, Strongswan 3 Ubuntu Linux, Debian Linux, Strongswan 2024-11-21 5.0 MEDIUM 7.5 HIGH
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568.
CVE-2018-16151 3 Canonical, Debian, Strongswan 3 Ubuntu Linux, Debian Linux, Strongswan 2024-11-21 5.0 MEDIUM 7.5 HIGH
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication.
CVE-2018-16140 2 Canonical, Fig2dev Project 2 Ubuntu Linux, Fig2dev 2024-11-21 6.8 MEDIUM 7.8 HIGH
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.