Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-06 | CVE-2019-3825 | Improper Authentication vulnerability in multiple products A vulnerability was discovered in gdm before 3.31.4. | 6.9 |
| 2019-02-06 | CVE-2019-3820 | Improper Authentication vulnerability in multiple products It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. | 4.6 |
| 2019-02-05 | CVE-2018-18506 | When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. | 5.9 |
| 2019-02-05 | CVE-2018-18503 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. | 6.8 |
| 2019-02-05 | CVE-2019-7398 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. | 5.0 |
| 2019-02-05 | CVE-2019-7397 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. | 5.0 |
| 2019-02-05 | CVE-2019-7396 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. | 5.0 |
| 2019-02-05 | CVE-2019-7395 | Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. | 5.0 |
| 2019-02-04 | CVE-2019-1000020 | Infinite Loop vulnerability in multiple products libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. | 6.5 |
| 2019-02-04 | CVE-2019-1000019 | Out-of-bounds Read vulnerability in multiple products libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). | 6.5 |