Ubuntu Linux@19.04 Security Vulnerabilities and Issues — Ubuntu Linux@19.04 CVE List

Lucene search

CanonicalUbuntu Linux19.04

16 matches found

CVE•added 2018/11/25 10:29 a.m.•2467 views

CVE-2018-19518

University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow rem...

8.5CVSS8.1AI score0.93964EPSS

CVE•added 2018/07/19 1:29 p.m.•318 views

CVE-2017-7481

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templat...

9.8CVSS9.3AI score0.03687EPSS

CVE•added 2018/06/08 9:29 p.m.•279 views

CVE-2018-12020

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent ...

7.5CVSS7.8AI score0.01522EPSS

CVE•added 2018/07/03 1:29 a.m.•248 views

CVE-2018-10855

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on th...

5.9CVSS5.7AI score0.02523EPSS

CVE•added 2018/07/13 10:29 p.m.•248 views

CVE-2018-10875

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00062EPSS

CVE•added 2018/12/26 3:29 a.m.•239 views

CVE-2018-20467

In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

6.5CVSS7.1AI score0.00157EPSS

CVE•added 2018/11/02 7:29 a.m.•202 views

CVE-2018-18897

An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.

6.5CVSS6.6AI score0.002EPSS

CVE•added 2018/11/08 8:29 a.m.•199 views

CVE-2018-19108

In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.

6.5CVSS6.3AI score0.00419EPSS

CVE•added 2018/08/22 1:29 p.m.•188 views

CVE-2018-10844

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets.

5.9CVSS5.7AI score0.00268EPSS

CVE•added 2018/08/22 1:29 p.m.•182 views

CVE-2018-10845

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.

5.9CVSS5.7AI score0.00965EPSS

CVE•added 2018/08/22 1:29 p.m.•173 views

CVE-2018-10846

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets.

5.6CVSS5.5AI score0.00025EPSS

CVE•added 2018/08/23 11:29 p.m.•172 views

CVE-2018-15822

The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.

7.5CVSS7.5AI score0.01683EPSS

CVE•added 2018/09/01 6:29 p.m.•129 views

CVE-2018-16323

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the ima...

6.5CVSS6.4AI score0.73747EPSS

CVE•added 2018/11/26 2:29 a.m.•123 views

CVE-2018-19535

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

6.5CVSS6.2AI score0.00365EPSS

CVE•added 2018/11/08 8:29 a.m.•117 views

CVE-2018-19107

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.

6.5CVSS6.4AI score0.00308EPSS

CVE•added 2018/05/26 6:29 p.m.•111 views

CVE-2018-11490

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified ot...

8.8CVSS8.8AI score0.0022EPSS