Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-19 | CVE-2018-20022 | Improper Initialization vulnerability in multiple products LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. | 5.0 |
| 2018-12-17 | CVE-2018-20123 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. | 5.5 |
| 2018-12-17 | CVE-2018-20169 | Resource Exhaustion vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.9. | 6.8 |
| 2018-12-13 | CVE-2018-16872 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP). | 5.3 |
| 2018-12-13 | CVE-2018-19489 | Race Condition vulnerability in multiple products v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. | 4.7 |
| 2018-12-13 | CVE-2018-19364 | Use After Free vulnerability in multiple products hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. | 5.5 |
| 2018-12-07 | CVE-2018-5812 | NULL Pointer Dereference vulnerability in multiple products An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference. | 4.3 |
| 2018-12-07 | CVE-2018-5811 | Out-of-bounds Read vulnerability in multiple products An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. | 4.3 |
| 2018-12-07 | CVE-2018-5810 | Out-of-bounds Write vulnerability in multiple products An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. | 6.8 |
| 2018-12-07 | CVE-2018-5807 | Out-of-bounds Read vulnerability in multiple products An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. | 6.8 |