Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2019-10-16 CVE-2019-2920 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC).
network
low complexity
oracle canonical
5.3
5.3
2019-10-16 CVE-2019-2914 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
network
low complexity
oracle canonical fedoraproject netapp
6.5
6.5
2019-10-16 CVE-2019-2911 Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema).
network
low complexity
oracle canonical fedoraproject netapp
2.7
2.7
2019-10-16 CVE-2019-2910 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
network
high complexity
oracle canonical netapp
3.7
3.7
2019-10-16 CVE-2019-2894 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).
network
high complexity
oracle debian opensuse mcafee canonical
3.7
3.7
2019-10-14 CVE-2019-17544 Out-of-bounds Read vulnerability in multiple products
libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.
network
low complexity
gnu canonical CWE-125
critical
 9.1
9.1
2019-10-14 CVE-2019-17542 Out-of-bounds Write vulnerability in multiple products
FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
network
low complexity
ffmpeg canonical debian CWE-787
critical
 9.8
9.8
2019-10-14 CVE-2019-17539 NULL Pointer Dereference vulnerability in multiple products
In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
network
low complexity
ffmpeg debian canonical CWE-476
critical
 9.8
9.8
2019-10-11 CVE-2019-2215 Use After Free vulnerability in multiple products
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel.
local
low complexity
google debian canonical netapp huawei CWE-416
7.8
7.8
2019-10-10 CVE-2019-17455 Out-of-bounds Read vulnerability in multiple products
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
network
low complexity
nongnu debian canonical fedoraproject opensuse CWE-125
critical
 9.8
9.8