Vulnerabilities > Canonical > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-16	CVE-2019-2973	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). network high complexity oracle redhat netapp debian opensuse canonical	3.7
2019-10-16	CVE-2019-2978	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). network high complexity oracle redhat netapp debian opensuse canonical	3.7
2019-10-16	CVE-2019-2981	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). network high complexity oracle redhat netapp debian opensuse canonical	3.7
2019-10-16	CVE-2019-2983	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). network high complexity oracle redhat netapp debian opensuse canonical	3.7
2019-10-16	CVE-2019-2988	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). network high complexity oracle netapp debian canonical opensuse redhat	3.7
2019-10-16	CVE-2019-2992	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). network high complexity oracle redhat netapp debian canonical opensuse	3.7
2019-10-01	CVE-2019-17052	Incorrect Default Permissions vulnerability in multiple products ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. local low complexity linux debian fedoraproject canonical CWE-276	3.3
2019-10-01	CVE-2019-17055	Missing Authorization vulnerability in multiple products base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. local low complexity linux debian fedoraproject canonical opensuse redhat CWE-862	3.3
2019-09-25	CVE-2019-13627	Race Condition vulnerability in multiple products It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. local high complexity canonical opensuse libgcrypt20-project CWE-362	2.6
2019-09-24	CVE-2019-12068	Infinite Loop vulnerability in multiple products In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. local low complexity qemu canonical opensuse CWE-835	3.8