Vulnerabilities > Canonical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-20 | CVE-2019-12213 | Uncontrolled Recursion vulnerability in multiple products When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. | 6.5 |
| 2019-05-20 | CVE-2019-12211 | Out-of-bounds Write vulnerability in multiple products When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow. | 7.5 |
| 2019-05-16 | CVE-2019-3839 | It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. | 7.8 |
| 2019-05-15 | CVE-2019-11833 | Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. | 5.5 |
| 2019-05-10 | CVE-2019-11884 | The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. | 3.3 |
| 2019-05-10 | CVE-2019-5018 | Use After Free vulnerability in multiple products An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. | 6.8 |
| 2019-05-08 | CVE-2019-2054 | In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. | 7.8 |
| 2019-05-08 | CVE-2019-11815 | Race Condition vulnerability in multiple products An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. | 9.3 |
| 2019-05-07 | CVE-2018-6634 | Insufficient Session Expiration vulnerability in Parsecgaming Parsec 1420/1421 A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account. | 7.5 |
| 2019-05-07 | CVE-2019-11810 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.7. | 7.5 |