Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2019-01-23 CVE-2019-6706 Use After Free vulnerability in multiple products
Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c.
network
low complexity
lua canonical CWE-416
7.5
7.5
2019-01-16 CVE-2018-5740 Reachable Assertion vulnerability in multiple products
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers.
network
low complexity
isc redhat debian netapp canonical hp opensuse CWE-617
5.0
5.0
2019-01-16 CVE-2018-5738 Information Exposure vulnerability in multiple products
Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver.
network
low complexity
isc canonical CWE-200
5.0
5.0
2019-01-16 CVE-2018-5733 Integer Overflow or Wraparound vulnerability in multiple products
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash.
network
low complexity
isc redhat canonical debian CWE-190
5.0
5.0
2019-01-16 CVE-2017-3144 Resource Exhaustion vulnerability in multiple products
A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server.
network
low complexity
isc redhat canonical debian CWE-400
5.0
5.0
2019-01-16 CVE-2019-2537 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle canonical debian netapp mariadb redhat
4.0
4.0
2019-01-16 CVE-2019-2534 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
network
low complexity
oracle canonical netapp redhat
7.1
7.1
2019-01-16 CVE-2019-2532 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp canonical redhat
4.9
4.9
2019-01-16 CVE-2019-2531 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
network
low complexity
oracle netapp canonical redhat
4.9
4.9
2019-01-16 CVE-2019-2529 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle debian canonical netapp mariadb redhat
4.0
4.0