Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2019-06-27 CVE-2018-6156 Out-of-bounds Write vulnerability in multiple products
Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
network
low complexity
google canonical CWE-787
8.8
2019-06-26 CVE-2019-12979 Improper Initialization vulnerability in multiple products
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c.
7.8
2019-06-26 CVE-2019-12976 Memory Leak vulnerability in multiple products
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
5.5
2019-06-26 CVE-2019-12975 Memory Leak vulnerability in multiple products
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.
5.5
2019-06-26 CVE-2019-12972 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
local
low complexity
gnu opensuse canonical CWE-125
5.5
2019-06-25 CVE-2019-12817 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB.
7.0
2019-06-24 CVE-2018-20843 XXE vulnerability in multiple products
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
7.5
2019-06-19 CVE-2019-12900 Out-of-bounds Write vulnerability in multiple products
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
network
low complexity
bzip debian opensuse canonical freebsd python CWE-787
critical
9.8
2019-06-19 CVE-2019-12436 NULL Pointer Dereference vulnerability in multiple products
Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service.
network
low complexity
samba canonical CWE-476
6.5
2019-06-19 CVE-2019-11479 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes.
network
low complexity
linux f5 canonical redhat CWE-770
7.5