12.04

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-05	CVE-2019-9213	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. local low complexity linux debian redhat opensuse canonical CWE-476	5.5
2019-02-22	CVE-2019-9024	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125	7.5
2019-02-22	CVE-2019-9023	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125 critical	9.8
2019-02-22	CVE-2019-9022	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. network low complexity php debian canonical netapp CWE-125	7.5
2019-02-22	CVE-2019-9021	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125 critical	9.8
2019-02-22	CVE-2019-9020	Use After Free vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-416 critical	9.8
2019-02-15	CVE-2019-6974	Use After Free vulnerability in multiple products In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. network high complexity linux debian canonical f5 redhat CWE-416	8.1
2019-02-09	CVE-2019-7663	An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. network low complexity libtiff debian canonical opensuse	6.5
2019-02-08	CVE-2019-7637	Out-of-bounds Write vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c. network low complexity libsdl debian opensuse fedoraproject canonical CWE-787	8.8
2019-02-08	CVE-2019-7636	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c. network low complexity libsdl opensuse debian fedoraproject canonical CWE-125	8.1