Vulnerabilities > Canonical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-11 | CVE-2018-4207 | Improper Input Validation vulnerability in multiple products In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. | 8.8 |
2019-01-11 | CVE-2018-4181 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. | 5.5 |
2019-01-11 | CVE-2018-4180 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. | 7.8 |
2019-01-11 | CVE-2019-6133 | Race Condition vulnerability in multiple products In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. | 6.7 |
2019-01-11 | CVE-2019-6128 | Memory Leak vulnerability in multiple products The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. | 8.8 |
2019-01-10 | CVE-2018-20685 | Incorrect Authorization vulnerability in multiple products In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . | 5.3 |
2019-01-09 | CVE-2019-5882 | Use After Free vulnerability in multiple products Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | 9.8 |
2019-01-09 | CVE-2019-3498 | Injection vulnerability in multiple products In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content. | 6.5 |
2019-01-09 | CVE-2019-5747 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in BusyBox through 1.30.0. | 7.5 |
2019-01-09 | CVE-2018-20679 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in BusyBox before 1.30.0. | 7.5 |