Vulnerabilities > Canonical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-18 | CVE-2018-16878 | Resource Exhaustion vulnerability in multiple products A flaw was found in pacemaker up to and including version 2.0.1. | 5.5 |
2019-04-18 | CVE-2018-16877 | A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. | 7.8 |
2019-04-18 | CVE-2019-11035 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. | 6.4 |
2019-04-18 | CVE-2019-11034 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. | 6.4 |
2019-04-11 | CVE-2019-9628 | Improper Handling of Exceptional Conditions vulnerability in multiple products The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. | 5.0 |
2019-04-11 | CVE-2019-3460 | Improper Input Validation vulnerability in multiple products A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. | 6.5 |
2019-04-11 | CVE-2019-3459 | Out-of-bounds Read vulnerability in multiple products A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. | 6.5 |
2019-04-10 | CVE-2019-11068 | libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. | 9.8 |
2019-04-09 | CVE-2019-3887 | Incorrect Authorization vulnerability in multiple products A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. | 5.6 |
2019-04-09 | CVE-2019-10903 | Out-of-bounds Read vulnerability in multiple products In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. | 7.5 |