Lucene search

K

Ubuntu Linux Security Vulnerabilities

cve
cve

CVE-2019-13301

ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage...

6.5CVSS

7.6AI Score

0.003EPSS

2019-07-05 01:15 AM
282
cve
cve

CVE-2019-13306

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one...

7.8CVSS

8.6AI Score

0.001EPSS

2019-07-05 01:15 AM
279
cve
cve

CVE-2019-13304

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced...

7.8CVSS

8.6AI Score

0.001EPSS

2019-07-05 01:15 AM
286
cve
cve

CVE-2019-13241

FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during...

7.8CVSS

7.5AI Score

0.002EPSS

2019-07-04 03:15 PM
40
cve
cve

CVE-2019-5051

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this...

8.8CVSS

8.7AI Score

0.003EPSS

2019-07-03 07:15 PM
254
cve
cve

CVE-2019-5052

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS

8.7AI Score

0.005EPSS

2019-07-03 07:15 PM
300
cve
cve

CVE-2019-13164

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL...

7.8CVSS

7.7AI Score

0.0005EPSS

2019-07-03 02:15 PM
231
cve
cve

CVE-2019-13137

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in...

6.5CVSS

7AI Score

0.005EPSS

2019-07-01 08:15 PM
210
3
cve
cve

CVE-2019-13135

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in...

8.8CVSS

8.9AI Score

0.007EPSS

2019-07-01 08:15 PM
222
4
cve
cve

CVE-2019-12781

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words,...

5.3CVSS

5.6AI Score

0.006EPSS

2019-07-01 02:15 PM
201
cve
cve

CVE-2019-13117

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other...

5.3CVSS

5.9AI Score

0.007EPSS

2019-07-01 02:15 AM
205
cve
cve

CVE-2019-13118

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack...

5.3CVSS

6.4AI Score

0.003EPSS

2019-07-01 02:15 AM
241
cve
cve

CVE-2019-13112

A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image...

6.5CVSS

6AI Score

0.007EPSS

2019-06-30 11:15 PM
114
cve
cve

CVE-2019-13113

Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image...

6.5CVSS

6.2AI Score

0.003EPSS

2019-06-30 11:15 PM
100
cve
cve

CVE-2019-13114

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space...

6.5CVSS

6.1AI Score

0.008EPSS

2019-06-30 11:15 PM
184
cve
cve

CVE-2019-13110

A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image...

6.5CVSS

6.2AI Score

0.005EPSS

2019-06-30 11:15 PM
114
cve
cve

CVE-2019-13038

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target...

6.1CVSS

6.2AI Score

0.003EPSS

2019-06-29 02:15 PM
95
4
cve
cve

CVE-2019-12975

ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in...

5.5CVSS

6.9AI Score

0.001EPSS

2019-06-26 06:15 PM
191
cve
cve

CVE-2019-12979

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in...

7.8CVSS

8.2AI Score

0.002EPSS

2019-06-26 06:15 PM
197
cve
cve

CVE-2019-12976

ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in...

5.5CVSS

6.9AI Score

0.001EPSS

2019-06-26 06:15 PM
191
cve
cve

CVE-2019-12972

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0'...

5.5CVSS

6.1AI Score

0.001EPSS

2019-06-26 02:15 PM
160
cve
cve

CVE-2019-12817

arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are...

7CVSS

7.2AI Score

0.0005EPSS

2019-06-25 12:15 PM
224
cve
cve

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service...

7.5CVSS

7.5AI Score

0.609EPSS

2019-06-24 05:15 PM
411
4
cve
cve

CVE-2019-12900

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many...

9.8CVSS

9.4AI Score

0.017EPSS

2019-06-19 11:15 PM
855
4
cve
cve

CVE-2019-12436

Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an...

6.5CVSS

6.2AI Score

0.022EPSS

2019-06-19 12:15 PM
113
cve
cve

CVE-2019-10126

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other...

9.8CVSS

9.7AI Score

0.017EPSS

2019-06-14 02:29 PM
354
2
cve
cve

CVE-2019-12749

dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the...

7.1CVSS

6.9AI Score

0.0005EPSS

2019-06-11 05:29 PM
383
4
cve
cve

CVE-2019-12387

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as...

6.1CVSS

6.2AI Score

0.002EPSS

2019-06-10 12:29 PM
193
cve
cve

CVE-2019-12614

An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system...

4.1CVSS

6.2AI Score

0.0005EPSS

2019-06-03 10:29 PM
439
cve
cve

CVE-2019-11356

The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property...

9.8CVSS

9.4AI Score

0.038EPSS

2019-06-03 08:29 PM
132
cve
cve

CVE-2019-3846

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless...

8.8CVSS

9.2AI Score

0.001EPSS

2019-06-03 07:29 PM
514
cve
cve

CVE-2019-8457

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree...

9.8CVSS

9.2AI Score

0.005EPSS

2019-05-30 04:29 PM
518
6
cve
cve

CVE-2019-12450

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are...

9.8CVSS

6.6AI Score

0.014EPSS

2019-05-29 05:29 PM
344
4
cve
cve

CVE-2019-12447

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not...

7.3CVSS

7.2AI Score

0.002EPSS

2019-05-29 05:29 PM
219
cve
cve

CVE-2019-12449

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are...

5.7CVSS

6.3AI Score

0.002EPSS

2019-05-29 05:29 PM
214
cve
cve

CVE-2019-12295

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting...

7.5CVSS

7.2AI Score

0.005EPSS

2019-05-23 12:29 PM
136
cve
cve

CVE-2019-12216

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at...

6.5CVSS

7.4AI Score

0.002EPSS

2019-05-20 05:29 PM
52
cve
cve

CVE-2019-12221

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at...

6.5CVSS

7.1AI Score

0.004EPSS

2019-05-20 05:29 PM
141
cve
cve

CVE-2019-12211

When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap...

7.5CVSS

7.3AI Score

0.008EPSS

2019-05-20 04:29 PM
71
cve
cve

CVE-2019-12213

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack...

6.5CVSS

6.5AI Score

0.003EPSS

2019-05-20 04:29 PM
79
cve
cve

CVE-2019-11833

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the...

5.5CVSS

6.2AI Score

0.0004EPSS

2019-05-15 01:29 PM
326
cve
cve

CVE-2019-11884

The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0'...

3.3CVSS

6.2AI Score

0.0004EPSS

2019-05-10 10:29 PM
415
cve
cve

CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

8.1CVSS

8.6AI Score

0.087EPSS

2019-05-10 07:29 PM
214
4
cve
cve

CVE-2019-2054

In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....

7.8CVSS

7.5AI Score

0.0004EPSS

2019-05-08 05:29 PM
92
cve
cve

CVE-2019-11815

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace...

8.1CVSS

7.3AI Score

0.007EPSS

2019-05-08 02:29 PM
332
cve
cve

CVE-2019-11810

An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a...

7.5CVSS

7.2AI Score

0.018EPSS

2019-05-07 02:29 PM
406
cve
cve

CVE-2018-20836

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a...

8.1CVSS

7.4AI Score

0.01EPSS

2019-05-07 02:29 PM
403
3
cve
cve

CVE-2019-11683

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets,.....

9.8CVSS

9.3AI Score

0.027EPSS

2019-05-02 05:29 PM
83
cve
cve

CVE-2019-11596

In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in...

7.5CVSS

7.2AI Score

0.191EPSS

2019-04-29 03:29 PM
272
4
cve
cve

CVE-2019-11506

In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to...

8.8CVSS

8.9AI Score

0.004EPSS

2019-04-24 09:29 PM
119
Total number of security vulnerabilities3129