Vulnerabilities > Canonical

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-18	CVE-2019-11324	Improper Certificate Validation vulnerability in multiple products The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. network low complexity python canonical CWE-295	7.5
2019-04-18	CVE-2019-3885	Use After Free vulnerability in multiple products A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs. network low complexity clusterlabs canonical fedoraproject CWE-416	7.5
2019-04-18	CVE-2018-16878	Resource Exhaustion vulnerability in multiple products A flaw was found in pacemaker up to and including version 2.0.1. local low complexity clusterlabs canonical fedoraproject debian opensuse redhat CWE-400	5.5
2019-04-18	CVE-2018-16877	A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. local low complexity clusterlabs canonical fedoraproject debian opensuse redhat	7.8
2019-04-18	CVE-2019-11035	Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. network low complexity php canonical netapp redhat opensuse debian CWE-125 critical	9.1
2019-04-18	CVE-2019-11034	Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. network low complexity php canonical netapp redhat debian opensuse CWE-125 critical	9.1
2019-04-11	CVE-2019-9628	Improper Handling of Exceptional Conditions vulnerability in multiple products The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. network low complexity xmltooling-project canonical opensuse CWE-755	7.5
2019-04-11	CVE-2019-3460	Improper Input Validation vulnerability in multiple products A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. low complexity linux canonical debian redhat CWE-20	6.5
2019-04-11	CVE-2019-3459	Out-of-bounds Read vulnerability in multiple products A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. low complexity linux canonical redhat debian CWE-125	6.5
2019-04-10	CVE-2019-11068	libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. network low complexity xmlsoft canonical debian fedoraproject oracle netapp opensuse critical	9.8

Vulnerabilities > Canonical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Canonical"}]}

Vulnerabilities > Canonical