Vulnerabilities > Canonical

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-20	CVE-2018-20124	Out-of-bounds Read vulnerability in multiple products hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. local low complexity qemu canonical CWE-125	5.5
2018-12-20	CVE-2018-20216	Infinite Loop vulnerability in multiple products QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled). network low complexity qemu canonical CWE-835	7.5
2018-12-20	CVE-2018-20126	Missing Release of Resource after Effective Lifetime vulnerability in multiple products hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. local low complexity qemu canonical opensuse CWE-772	5.5
2018-12-20	CVE-2018-20125	NULL Pointer Dereference vulnerability in multiple products hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings. network low complexity qemu canonical CWE-476	7.5
2018-12-20	CVE-2018-1000880	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. network low complexity libarchive canonical opensuse fedoraproject CWE-119	6.5
2018-12-20	CVE-2018-1000878	Use After Free vulnerability in multiple products libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. network low complexity libarchive debian canonical redhat opensuse fedoraproject CWE-416	8.8
2018-12-20	CVE-2018-1000877	Double Free vulnerability in multiple products libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. network low complexity libarchive debian canonical redhat fedoraproject CWE-415	8.8
2018-12-20	CVE-2018-1000876	Integer Overflow or Wraparound vulnerability in multiple products binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. local low complexity gnu canonical redhat CWE-190	7.8
2018-12-20	CVE-2018-1000858	Cross-Site Request Forgery (CSRF) vulnerability in multiple products GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. network low complexity gnupg canonical CWE-352	8.8
2018-12-20	CVE-2018-1000852	Out-of-bounds Read vulnerability in multiple products FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. network low complexity freerdp canonical fedoraproject CWE-125	6.5

Vulnerabilities > Canonical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Canonical"}]}

Vulnerabilities > Canonical