Lucene search

K

Ubuntu Linux Security Vulnerabilities

cve
cve

CVE-2019-13308

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in...

8.8CVSS

8.6AI Score

0.006EPSS

2019-07-05 01:15 AM
234
cve
cve

CVE-2019-13311

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c...

6.5CVSS

7.5AI Score

0.002EPSS

2019-07-05 01:15 AM
280
cve
cve

CVE-2019-13297

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is...

8.8CVSS

9AI Score

0.003EPSS

2019-07-05 01:15 AM
298
cve
cve

CVE-2019-13305

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one...

7.8CVSS

8.6AI Score

0.001EPSS

2019-07-05 01:15 AM
277
cve
cve

CVE-2019-13310

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in...

6.5CVSS

7.6AI Score

0.003EPSS

2019-07-05 01:15 AM
284
cve
cve

CVE-2019-13295

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is...

8.8CVSS

9AI Score

0.003EPSS

2019-07-05 01:15 AM
284
cve
cve

CVE-2019-13301

ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage...

6.5CVSS

7.6AI Score

0.003EPSS

2019-07-05 01:15 AM
284
cve
cve

CVE-2019-13304

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced...

7.8CVSS

8.6AI Score

0.001EPSS

2019-07-05 01:15 AM
293
cve
cve

CVE-2019-13306

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one...

7.8CVSS

8.6AI Score

0.001EPSS

2019-07-05 01:15 AM
281
cve
cve

CVE-2019-13241

FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during...

7.8CVSS

7.5AI Score

0.002EPSS

2019-07-04 03:15 PM
40
cve
cve

CVE-2019-5051

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this...

8.8CVSS

8.7AI Score

0.003EPSS

2019-07-03 07:15 PM
254
cve
cve

CVE-2019-5052

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS

8.7AI Score

0.005EPSS

2019-07-03 07:15 PM
300
cve
cve

CVE-2019-13164

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL...

7.8CVSS

7.7AI Score

0.0005EPSS

2019-07-03 02:15 PM
234
cve
cve

CVE-2019-13137

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in...

6.5CVSS

7AI Score

0.005EPSS

2019-07-01 08:15 PM
211
3
cve
cve

CVE-2019-13135

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in...

8.8CVSS

8.9AI Score

0.007EPSS

2019-07-01 08:15 PM
226
4
cve
cve

CVE-2019-12781

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words,...

5.3CVSS

5.6AI Score

0.006EPSS

2019-07-01 02:15 PM
201
cve
cve

CVE-2019-13117

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other...

5.3CVSS

5.9AI Score

0.007EPSS

2019-07-01 02:15 AM
205
cve
cve

CVE-2019-13118

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack...

5.3CVSS

6.4AI Score

0.003EPSS

2019-07-01 02:15 AM
241
cve
cve

CVE-2019-13112

A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image...

6.5CVSS

6AI Score

0.007EPSS

2019-06-30 11:15 PM
116
cve
cve

CVE-2019-13113

Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image...

6.5CVSS

6.2AI Score

0.003EPSS

2019-06-30 11:15 PM
103
cve
cve

CVE-2019-13114

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space...

6.5CVSS

6.1AI Score

0.008EPSS

2019-06-30 11:15 PM
187
cve
cve

CVE-2019-13110

A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image...

6.5CVSS

6.2AI Score

0.005EPSS

2019-06-30 11:15 PM
121
cve
cve

CVE-2019-13038

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target...

6.1CVSS

6.2AI Score

0.003EPSS

2019-06-29 02:15 PM
96
4
cve
cve

CVE-2019-12975

ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in...

5.5CVSS

6.9AI Score

0.001EPSS

2019-06-26 06:15 PM
194
cve
cve

CVE-2019-12979

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in...

7.8CVSS

8.2AI Score

0.002EPSS

2019-06-26 06:15 PM
201
cve
cve

CVE-2019-12976

ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in...

5.5CVSS

6.9AI Score

0.001EPSS

2019-06-26 06:15 PM
193
cve
cve

CVE-2019-12972

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0'...

5.5CVSS

6.1AI Score

0.001EPSS

2019-06-26 02:15 PM
165
cve
cve

CVE-2019-12817

arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are...

7CVSS

7.2AI Score

0.0005EPSS

2019-06-25 12:15 PM
227
cve
cve

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service...

7.5CVSS

7.5AI Score

0.609EPSS

2019-06-24 05:15 PM
417
4
cve
cve

CVE-2019-12900

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many...

9.8CVSS

9.4AI Score

0.017EPSS

2019-06-19 11:15 PM
859
4
cve
cve

CVE-2019-12436

Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an...

6.5CVSS

6.2AI Score

0.022EPSS

2019-06-19 12:15 PM
113
cve
cve

CVE-2019-10126

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other...

9.8CVSS

9.7AI Score

0.017EPSS

2019-06-14 02:29 PM
357
2
cve
cve

CVE-2019-12749

dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the...

7.1CVSS

6.9AI Score

0.0005EPSS

2019-06-11 05:29 PM
390
4
cve
cve

CVE-2019-12387

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as...

6.1CVSS

6.2AI Score

0.002EPSS

2019-06-10 12:29 PM
193
cve
cve

CVE-2019-12614

An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system...

4.1CVSS

6.2AI Score

0.0005EPSS

2019-06-03 10:29 PM
444
cve
cve

CVE-2019-11356

The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property...

9.8CVSS

9.4AI Score

0.038EPSS

2019-06-03 08:29 PM
132
cve
cve

CVE-2019-3846

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless...

8.8CVSS

9.2AI Score

0.001EPSS

2019-06-03 07:29 PM
518
cve
cve

CVE-2019-8457

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree...

9.8CVSS

9.2AI Score

0.005EPSS

2019-05-30 04:29 PM
520
6
cve
cve

CVE-2019-12450

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are...

9.8CVSS

6.6AI Score

0.014EPSS

2019-05-29 05:29 PM
354
4
cve
cve

CVE-2019-12447

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not...

7.3CVSS

7.2AI Score

0.002EPSS

2019-05-29 05:29 PM
224
cve
cve

CVE-2019-12449

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are...

5.7CVSS

6.3AI Score

0.003EPSS

2019-05-29 05:29 PM
219
cve
cve

CVE-2019-12295

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting...

7.5CVSS

7.2AI Score

0.004EPSS

2019-05-23 12:29 PM
137
cve
cve

CVE-2019-12216

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at...

6.5CVSS

7.4AI Score

0.002EPSS

2019-05-20 05:29 PM
52
cve
cve

CVE-2019-12221

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at...

6.5CVSS

7.1AI Score

0.004EPSS

2019-05-20 05:29 PM
141
cve
cve

CVE-2019-12211

When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap...

7.5CVSS

7.3AI Score

0.008EPSS

2019-05-20 04:29 PM
71
cve
cve

CVE-2019-12213

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack...

6.5CVSS

6.5AI Score

0.003EPSS

2019-05-20 04:29 PM
79
cve
cve

CVE-2019-11833

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the...

5.5CVSS

6.2AI Score

0.0004EPSS

2019-05-15 01:29 PM
328
cve
cve

CVE-2019-11884

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0'...

3.3CVSS

6.2AI Score

0.0004EPSS

2019-05-10 10:29 PM
421
cve
cve

CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

8.1CVSS

8.6AI Score

0.087EPSS

2019-05-10 07:29 PM
215
4
cve
cve

CVE-2019-2054

In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....

7.8CVSS

7.5AI Score

0.0004EPSS

2019-05-08 05:29 PM
92
Total number of security vulnerabilities3141