Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2019-02-22 CVE-2019-9024 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
7.5
7.5
2019-02-22 CVE-2019-9023 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
critical
 9.8
9.8
2019-02-22 CVE-2019-9022 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2.
network
low complexity
php debian canonical netapp CWE-125
7.5
7.5
2019-02-22 CVE-2019-9021 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
critical
 9.8
9.8
2019-02-22 CVE-2019-9020 Use After Free vulnerability in multiple products
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-416
critical
 9.8
9.8
2019-02-22 CVE-2019-9003 Use After Free vulnerability in multiple products
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.
network
low complexity
linux netapp canonical opensuse CWE-416
7.5
7.5
2019-02-22 CVE-2018-20784 Infinite Loop vulnerability in multiple products
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.
network
low complexity
linux canonical redhat CWE-835
critical
 9.8
9.8
2019-02-21 CVE-2019-8980 Memory Leak vulnerability in multiple products
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
network
low complexity
linux canonical opensuse debian CWE-401
7.5
7.5
2019-02-19 CVE-2019-3812 QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function.
local
low complexity
qemu fedoraproject canonical opensuse
5.5
5.5
2019-02-18 CVE-2019-8912 Use After Free vulnerability in multiple products
In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
local
low complexity
linux redhat canonical opensuse CWE-416
7.8
7.8