Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2018-12-28 CVE-2018-20546 Integer Overflow or Wraparound vulnerability in multiple products
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. 		8.1
8.1
2018-12-28 CVE-2018-20545 Integer Overflow or Wraparound vulnerability in multiple products
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. 		8.8
8.8
2018-12-28 CVE-2018-20544 Divide By Zero vulnerability in multiple products
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.
network
low complexity
libcaca-project debian canonical CWE-369
6.5
6.5
2018-12-28 CVE-2018-20534 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service.
network
low complexity
opensuse canonical CWE-119
6.5
6.5
2018-12-28 CVE-2018-20533 NULL Pointer Dereference vulnerability in multiple products
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
network
low complexity
opensuse canonical CWE-476
6.5
6.5
2018-12-28 CVE-2018-20532 NULL Pointer Dereference vulnerability in multiple products
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
network
low complexity
opensuse canonical CWE-476
6.5
6.5
2018-12-28 CVE-2018-1000888 Deserialization of Untrusted Data vulnerability in multiple products
PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class.
network
low complexity
php canonical debian CWE-502
8.8
8.8
2018-12-26 CVE-2018-20481 NULL Pointer Dereference vulnerability in multiple products
XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.
network
low complexity
freedesktop canonical debian CWE-476
6.5
6.5
2018-12-26 CVE-2018-20467 Infinite Loop vulnerability in multiple products
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption.
network
low complexity
imagemagick opensuse debian canonical CWE-835
6.5
6.5
2018-12-20 CVE-2018-20191 NULL Pointer Dereference vulnerability in multiple products
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
network
low complexity
qemu canonical fedoraproject CWE-476
7.5
7.5