Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-18 | CVE-2019-8904 | Out-of-bounds Read vulnerability in multiple products do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf. | 6.8 |
| 2019-02-15 | CVE-2019-8354 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in SoX 14.4.2. | 5.0 |
| 2019-02-09 | CVE-2019-7665 | Out-of-bounds Read vulnerability in multiple products In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. | 4.3 |
| 2019-02-09 | CVE-2019-7663 | An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. | 4.3 |
| 2019-02-07 | CVE-2019-7582 | Allocation of Resources Without Limits or Throttling vulnerability in Libming The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure. | 6.8 |
| 2019-02-07 | CVE-2019-7581 | Allocation of Resources Without Limits or Throttling vulnerability in Libming The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876. | 6.8 |
| 2019-02-06 | CVE-2018-20763 | Out-of-bounds Write vulnerability in multiple products In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking. | 6.8 |
| 2019-02-06 | CVE-2018-20762 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames. | 6.8 |
| 2019-02-06 | CVE-2018-20761 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a. | 6.8 |
| 2019-02-06 | CVE-2018-20760 | Out-of-bounds Write vulnerability in multiple products In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled. | 6.8 |