Vulnerabilities > Canonical > Ubuntu Linux > 12.04

DATE CVE VULNERABILITY TITLE RISK
2019-12-23 CVE-2019-11050 Out-of-bounds Read vulnerability in multiple products
When PHP EXIF extension is parsing EXIF information from an image, e.g.
6.5
2019-12-23 CVE-2019-11047 Out-of-bounds Read vulnerability in multiple products
When PHP EXIF extension is parsing EXIF information from an image, e.g.
network
low complexity
php fedoraproject debian canonical CWE-125
6.5
2019-12-23 CVE-2019-11046 Out-of-bounds Read vulnerability in multiple products
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers.
5.3
2019-12-23 CVE-2019-11045 Injection vulnerability in multiple products
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte.
5.9
2019-12-19 CVE-2019-19906 Off-by-one Error vulnerability in multiple products
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet.
7.5
2019-12-02 CVE-2012-4428 Out-of-bounds Read vulnerability in multiple products
openslp: SLPIntersectStringList()' Function has a DoS vulnerability
network
low complexity
openslp debian fedoraproject canonical CWE-125
7.5
2019-11-29 CVE-2015-3406 Incorrect Conversion between Numeric Types vulnerability in multiple products
The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.
network
low complexity
module-signature-project canonical CWE-681
7.5
2019-11-27 CVE-2019-19242 NULL Pointer Dereference vulnerability in multiple products
SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.
network
high complexity
sqlite canonical redhat oracle siemens CWE-476
5.9
2019-11-21 CVE-2012-3543 Improper Input Validation vulnerability in multiple products
mono 2.10.x ASP.NET Web Form Hash collision DoS
network
low complexity
mono-project canonical debian CWE-20
7.5
2019-11-20 CVE-2015-3167 Information Exposure vulnerability in multiple products
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.
network
low complexity
postgresql debian canonical CWE-200
7.5