Filtered by vendor Canonical
Subscribe
Total
4167 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12295 | 4 Canonical, Debian, F5 and 1 more | 16 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 13 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion. | |||||
| CVE-2019-12221 | 5 Canonical, Debian, Fedoraproject and 2 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c. | |||||
| CVE-2019-12216 | 4 Canonical, Debian, Fedoraproject and 1 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. | |||||
| CVE-2019-12213 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. | |||||
| CVE-2019-12211 | 2 Canonical, Freeimage Project | 2 Ubuntu Linux, Freeimage | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow. | |||||
| CVE-2019-12068 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2023-11-07 | 2.1 LOW | 3.8 LOW |
| In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well. | |||||
| CVE-2019-11884 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2023-11-07 | 2.1 LOW | 3.3 LOW |
| The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. | |||||
| CVE-2019-11833 | 5 Canonical, Debian, Fedoraproject and 2 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. | |||||
| CVE-2019-11779 | 5 Canonical, Debian, Eclipse and 2 more | 6 Ubuntu Linux, Debian Linux, Mosquitto and 3 more | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur. | |||||
| CVE-2019-11683 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-11-07 | 10.0 HIGH | 9.8 CRITICAL |
| udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue. | |||||
| CVE-2019-11596 | 2 Canonical, Memcached | 2 Ubuntu Linux, Memcached | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c. | |||||
| CVE-2019-11503 | 1 Canonical | 1 Snapd | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass." | |||||
| CVE-2019-11498 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data. | |||||
| CVE-2019-11479 | 4 Canonical, F5, Linux and 1 more | 21 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 18 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363. | |||||
| CVE-2019-11474 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. | |||||
| CVE-2019-11459 | 6 Canonical, Debian, Fedoraproject and 3 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. | |||||
| CVE-2019-11455 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-11-07 | 5.5 MEDIUM | 8.1 HIGH |
| A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service (application outage). | |||||
| CVE-2019-11454 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Basic Authentication, which is mishandled during an _viewlog operation. | |||||
| CVE-2019-11356 | 5 Canonical, Cyrus, Debian and 2 more | 8 Ubuntu Linux, Imap, Debian Linux and 5 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. | |||||
| CVE-2019-11324 | 2 Canonical, Python | 2 Ubuntu Linux, Urllib3 | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. | |||||