Vulnerabilities > Canonical > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-21 CVE-2019-19344 Use After Free vulnerability in multiple products
There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
network
low complexity
samba canonical synology opensuse CWE-416
6.5
2020-01-21 CVE-2019-14907 Out-of-bounds Read vulnerability in multiple products
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed.
6.5
2020-01-21 CVE-2019-14902 There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
network
low complexity
samba canonical opensuse debian
5.4
2020-01-17 CVE-2019-14615 Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
local
low complexity
canonical intel
5.5
2020-01-15 CVE-2019-15961 Resource Exhaustion vulnerability in multiple products
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav cisco debian canonical CWE-400
6.5
2020-01-15 CVE-2020-2686 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle canonical netapp
6.5
2020-01-15 CVE-2020-2679 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle canonical netapp
4.9
2020-01-15 CVE-2020-2660 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle canonical netapp
4.9
2020-01-15 CVE-2020-2627 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser).
network
low complexity
oracle canonical netapp
6.5
2020-01-15 CVE-2020-2601 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).
network
high complexity
oracle debian canonical opensuse netapp redhat
6.8