Vulnerabilities > Canonical

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-19	CVE-2019-11478	Resource Exhaustion vulnerability in multiple products Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. network low complexity linux f5 canonical redhat pulsesecure ivanti CWE-400	7.5
2019-06-19	CVE-2019-11477	Integer Overflow or Wraparound vulnerability in multiple products Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). network low complexity linux f5 canonical redhat pulsesecure ivanti CWE-190	7.5
2019-06-19	CVE-2019-11038	Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. network low complexity libgd php canonical debian fedoraproject suse opensuse redhat CWE-908	5.3
2019-06-14	CVE-2019-10126	A flaw was found in the Linux kernel. network low complexity linux redhat canonical debian opensuse netapp critical	9.8
2019-06-11	CVE-2019-0197	HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. network high complexity apache canonical fedoraproject opensuse redhat oracle CWE-444	4.2
2019-06-11	CVE-2019-0196	Use After Free vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. network low complexity apache canonical debian CWE-416	5.3
2019-06-11	CVE-2019-0220	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. network low complexity apache opensuse debian fedoraproject canonical CWE-706	5.3
2019-06-11	CVE-2019-12749	Link Following vulnerability in multiple products dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. local low complexity freedesktop canonical CWE-59	7.1
2019-06-10	CVE-2019-12387	Injection vulnerability in multiple products In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. network low complexity twisted fedoraproject canonical oracle CWE-74	6.1
2019-06-07	CVE-2019-2101	Out-of-bounds Read vulnerability in multiple products In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. local low complexity google debian canonical CWE-125	5.5

Vulnerabilities > Canonical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Canonical"}]}

Vulnerabilities > Canonical