Canonical Ubuntu Linux vulnerabilities

CVE-2018-3077 [MEDIUM] CVE-2018-3077: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported v Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in u

CVE-2018-3054 [MEDIUM] CVE-2018-3054: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported v Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in u

CVE-2018-10877 [MEDIUM] CWE-125 CVE-2018-10877: Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() fun Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.

CVE-2018-3062 [MEDIUM] CVE-2018-3062: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Suppo Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability

CVE-2018-3058 [MEDIUM] CVE-2018-3058: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versio Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can

CVE-2018-3065 [MEDIUM] CVE-2018-3065: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported v Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in un

CVE-2018-3081 [MEDIUM] CVE-2018-3081: Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Support Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful att

CVE-2018-3060 [MEDIUM] CVE-2018-3060: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versio Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauth

CVE-2018-3056 [MEDIUM] CVE-2018-3056: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privile Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability

CVE-2018-3071 [MEDIUM] CVE-2018-3071: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). Supported ver Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to

CVE-2018-3063 [MEDIUM] CVE-2018-3063: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privile Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unaut

CVE-2018-3070 [MEDIUM] CVE-2018-3070: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Suppor Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnera

CVE-2018-2767 [LOW] CVE-2018-2767: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encrypt Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of t

CVE-2018-3066 [LOW] CVE-2018-3066: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Support Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerab

CVE-2018-2952 [LOW] CVE-2018-2952: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: C Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise J

CVE-2018-14362 [CRITICAL] CWE-119 CVE-2018-14362: An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid c An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.

CVE-2018-14350 [CRITICAL] CWE-787 CVE-2018-14350: An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a st An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.

CVE-2018-14358 [CRITICAL] CWE-787 CVE-2018-14358: An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a st An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.

CVE-2018-14357 [CRITICAL] CWE-78 CVE-2018-14357: An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.

CVE-2018-14359 [CRITICAL] CWE-120 CVE-2018-14359: An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer over An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.