Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Total 4203 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6128 4 Canonical, Debian, Libtiff and 1 more 4 Ubuntu Linux, Debian Linux, Libtiff and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
CVE-2019-6116 6 Artifex, Canonical, Debian and 3 more 11 Ghostscript, Ubuntu Linux, Debian Linux and 8 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
CVE-2019-6111 10 Apache, Canonical, Debian and 7 more 27 Mina Sshd, Ubuntu Linux, Debian Linux and 24 more 2024-11-21 5.8 MEDIUM 5.9 MEDIUM
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6109 9 Canonical, Debian, Fedoraproject and 6 more 28 Ubuntu Linux, Debian Linux, Fedora and 25 more 2024-11-21 4.0 MEDIUM 6.8 MEDIUM
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-5882 2 Canonical, Irssi 2 Ubuntu Linux, Irssi 2024-11-21 7.5 HIGH 9.8 CRITICAL
Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.
CVE-2019-5827 5 Canonical, Debian, Fedoraproject and 2 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5798 6 Canonical, Debian, Google and 3 more 7 Ubuntu Linux, Debian Linux, Chrome and 4 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2019-5747 2 Busybox, Canonical 2 Busybox, Ubuntu Linux 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.
CVE-2019-5736 13 Apache, Canonical, D2iq and 10 more 19 Mesos, Ubuntu Linux, Dc\/os and 16 more 2024-11-21 9.3 HIGH 8.6 HIGH
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
CVE-2019-5477 3 Canonical, Debian, Nokogiri 3 Ubuntu Linux, Debian Linux, Nokogiri 2024-11-21 7.5 HIGH 9.8 CRITICAL
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being called with unsafe user input as the filename. This vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. Rexical is used by Nokogiri to generate lexical scanner code for parsing CSS queries. The underlying vulnerability was addressed in Rexical v1.0.7 and Nokogiri upgraded to this version of Rexical in Nokogiri v1.10.4.
CVE-2019-5188 6 Canonical, Debian, E2fsprogs Project and 3 more 8 Ubuntu Linux, Debian Linux, E2fsprogs and 5 more 2024-11-21 4.4 MEDIUM 7.5 HIGH
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
CVE-2019-5108 5 Canonical, Debian, Linux and 2 more 21 Ubuntu Linux, Debian Linux, Linux Kernel and 18 more 2024-11-21 3.3 LOW 6.5 MEDIUM
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.
CVE-2019-5094 5 Canonical, Debian, E2fsprogs Project and 2 more 6 Ubuntu Linux, Debian Linux, E2fsprogs and 3 more 2024-11-21 4.6 MEDIUM 7.5 HIGH
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
CVE-2019-5068 4 Canonical, Debian, Mesa3d and 1 more 4 Ubuntu Linux, Debian Linux, Mesa and 1 more 2024-11-21 3.6 LOW 4.4 MEDIUM
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability.
CVE-2019-5052 4 Canonical, Debian, Libsdl and 1 more 5 Ubuntu Linux, Debian Linux, Sdl2 Image and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
CVE-2019-5051 4 Canonical, Debian, Libsdl and 1 more 5 Ubuntu Linux, Debian Linux, Sdl2 Image and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
CVE-2019-5018 2 Canonical, Sqlite 2 Ubuntu Linux, Sqlite 2024-11-21 6.8 MEDIUM 8.1 HIGH
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.
CVE-2019-3900 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2024-11-21 6.8 MEDIUM 7.7 HIGH
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.
CVE-2019-3887 4 Canonical, Fedoraproject, Linux and 1 more 11 Ubuntu Linux, Fedora, Linux Kernel and 8 more 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.
CVE-2019-3885 3 Canonical, Clusterlabs, Fedoraproject 3 Ubuntu Linux, Pacemaker, Fedora 2024-11-21 5.0 MEDIUM 3.3 LOW
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.