Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2018-11-07 CVE-2018-19058 Always-Incorrect Control Flow Implementation vulnerability in multiple products
An issue was discovered in Poppler 0.71.0.
network
low complexity
freedesktop canonical debian redhat CWE-670
6.5
6.5
2018-11-07 CVE-2018-16845 nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file.
local
low complexity
f5 debian canonical opensuse apple
6.1
6.1
2018-11-07 CVE-2018-16844 nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage.
network
low complexity
f5 debian canonical apple
7.5
7.5
2018-11-07 CVE-2018-16843 nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption.
network
low complexity
f5 debian canonical opensuse apple
7.5
7.5
2018-11-06 CVE-2018-9516 Out-of-bounds Write vulnerability in multiple products
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google debian canonical CWE-787
7.8
7.8
2018-11-06 CVE-2018-9415 Double Free vulnerability in multiple products
In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking.
local
low complexity
google canonical CWE-415
7.8
7.8
2018-11-06 CVE-2018-9363 Integer Overflow or Wraparound vulnerability in multiple products
In the hidp_process_report in bluetooth, there is an integer overflow.
local
low complexity
google canonical debian linux CWE-190
8.4
8.4
2018-11-02 CVE-2018-16847 Out-of-bounds Write vulnerability in multiple products
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU.
local
low complexity
qemu canonical CWE-787
7.8
7.8
2018-11-02 CVE-2018-18897 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in Poppler 0.71.0.
network
low complexity
freedesktop debian canonical redhat CWE-772
6.5
6.5
2018-10-31 CVE-2016-6328 A vulnerability was found in libexif.
network
low complexity
libexif-project debian canonical
8.1
8.1