Vulnerabilities > Canonical > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-08 CVE-2019-11764 Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1.
network
low complexity
mozilla canonical CWE-787
8.8
2020-01-08 CVE-2019-11760 Out-of-bounds Write vulnerability in multiple products
A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling.
network
low complexity
mozilla canonical CWE-787
8.8
2020-01-08 CVE-2019-11759 Classic Buffer Overflow vulnerability in multiple products
An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack.
network
low complexity
mozilla canonical CWE-120
8.8
2020-01-08 CVE-2019-11758 Out-of-bounds Write vulnerability in multiple products
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed.
network
low complexity
mozilla canonical CWE-787
8.8
2020-01-08 CVE-2019-11757 Use After Free vulnerability in multiple products
When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it.
network
low complexity
mozilla canonical CWE-416
8.8
2020-01-08 CVE-2019-11745 Out-of-bounds Write vulnerability in multiple products
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur.
8.8
2020-01-05 CVE-2019-19911 Integer Overflow or Wraparound vulnerability in multiple products
There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large.
network
low complexity
python debian fedoraproject canonical CWE-190
7.5
2020-01-03 CVE-2019-19959 ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.
network
low complexity
sqlite canonical
7.5
2020-01-03 CVE-2020-5313 Out-of-bounds Read vulnerability in multiple products
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
network
low complexity
python debian canonical fedoraproject CWE-125
7.1
2020-01-03 CVE-2020-5310 Integer Overflow or Wraparound vulnerability in multiple products
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
network
low complexity
python canonical fedoraproject CWE-190
8.8