Vulnerabilities > Canonical > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-30	CVE-2019-10131	Off-by-one Error vulnerability in multiple products An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. local low complexity imagemagick redhat debian canonical opensuse CWE-193	3.6
2019-04-09	CVE-2019-0816	Use of Incorrectly-Resolved Name or Reference vulnerability in Canonical Ubuntu Linux 18.04 A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'. local canonical microsoft CWE-706	1.9
2019-02-28	CVE-2018-12397	Information Exposure vulnerability in Mozilla Firefox and Firefox ESR A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. local low complexity mozilla redhat debian canonical CWE-200	3.6
2019-02-18	CVE-2019-8905	Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. local low complexity debian file-project canonical opensuse CWE-125	3.6
2019-02-18	CVE-2019-8906	Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. local low complexity file-project canonical opensuse apple CWE-125	3.6
2019-02-12	CVE-2018-20781	Insufficiently Protected Credentials vulnerability in multiple products In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. local low complexity gnome canonical oracle CWE-522	2.1
2019-01-28	CVE-2018-10910	Incorrect Authorization vulnerability in multiple products A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. local low complexity bluez canonical CWE-863	3.3
2019-01-16	CVE-2019-2422	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle canonical netapp redhat debian opensuse hp	3.1
2019-01-16	CVE-2019-2503	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). oracle mariadb netapp canonical redhat	3.8
2019-01-15	CVE-2018-14662	Improper Authorization vulnerability in multiple products It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. low complexity redhat debian opensuse canonical CWE-285	2.7