Vulnerabilities > Canonical > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-02-05 CVE-2018-18501 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4.
network
low complexity
mozilla canonical debian redhat CWE-119
critical
 9.8
9.8
2019-02-05 CVE-2018-18500 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements.
network
low complexity
mozilla canonical debian redhat CWE-416
critical
 9.8
9.8
2019-01-30 CVE-2018-20750 Out-of-bounds Write vulnerability in multiple products
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c.
network
low complexity
libvnc-project canonical debian siemens CWE-787
critical
 9.8
9.8
2019-01-30 CVE-2018-20749 Out-of-bounds Write vulnerability in multiple products
LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c.
network
low complexity
libvnc-project canonical debian siemens CWE-787
critical
 9.8
9.8
2019-01-30 CVE-2018-20748 Out-of-bounds Write vulnerability in multiple products
LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c.
network
low complexity
libvnc-project debian canonical siemens CWE-787
critical
 9.8
9.8
2019-01-28 CVE-2019-6978 Double Free vulnerability in multiple products
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c.
network
low complexity
libgd debian canonical CWE-415
critical
 9.8
9.8
2019-01-09 CVE-2019-5882 Use After Free vulnerability in multiple products
Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.
network
low complexity
irssi canonical CWE-416
critical
 9.8
9.8
2018-12-19 CVE-2018-20020 Out-of-bounds Write vulnerability in multiple products
LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
network
low complexity
libvnc-project debian canonical CWE-787
critical
 9.8
9.8
2018-12-19 CVE-2018-20019 Out-of-bounds Write vulnerability in multiple products
LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution
network
low complexity
libvnc-project canonical debian siemens CWE-787
critical
 9.8
9.8
2018-12-19 CVE-2018-15127 Out-of-bounds Write vulnerability in multiple products
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
network
low complexity
libvnc-project canonical redhat debian CWE-787
critical
 9.8
9.8