Vulnerabilities > Canonical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2019-6778 | Out-of-bounds Write vulnerability in multiple products In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. | 7.8 |
| 2019-03-21 | CVE-2019-6690 | Improper Input Validation vulnerability in multiple products python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. | 7.5 |
| 2019-03-21 | CVE-2019-6454 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in sd-bus in systemd 239. local low complexity systemd-project opensuse netapp debian fedoraproject canonical redhat mcafee CWE-787 | 5.5 |
| 2019-03-21 | CVE-2019-6116 | In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. | 7.8 |
| 2019-03-21 | CVE-2019-3832 | Out-of-bounds Read vulnerability in multiple products It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. | 5.5 |
| 2019-03-21 | CVE-2018-20669 | Improper Input Validation vulnerability in multiple products An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. | 7.8 |
| 2019-03-21 | CVE-2018-20615 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. | 7.5 |
| 2019-03-21 | CVE-2018-18898 | Resource Exhaustion vulnerability in multiple products The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. | 7.5 |
| 2019-03-21 | CVE-2018-18849 | Out-of-bounds Read vulnerability in multiple products In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. | 5.5 |
| 2019-03-12 | CVE-2019-9721 | Out-of-bounds Read vulnerability in multiple products A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. | 6.5 |