Vulnerabilities > Canonical > Ubuntu Linux > 12.04
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-23 | CVE-2019-11050 | Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. | 6.5 |
2019-12-23 | CVE-2019-11047 | Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. | 6.5 |
2019-12-23 | CVE-2019-11046 | Out-of-bounds Read vulnerability in multiple products In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. | 5.3 |
2019-12-23 | CVE-2019-11045 | Injection vulnerability in multiple products In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. | 5.9 |
2019-12-19 | CVE-2019-19906 | Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. | 7.5 |
2019-12-02 | CVE-2012-4428 | Out-of-bounds Read vulnerability in multiple products openslp: SLPIntersectStringList()' Function has a DoS vulnerability | 7.5 |
2019-11-29 | CVE-2015-3406 | Incorrect Conversion between Numeric Types vulnerability in multiple products The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors. | 7.5 |
2019-11-27 | CVE-2019-19242 | NULL Pointer Dereference vulnerability in multiple products SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c. | 5.9 |
2019-11-21 | CVE-2012-3543 | Improper Input Validation vulnerability in multiple products mono 2.10.x ASP.NET Web Form Hash collision DoS | 7.5 |
2019-11-20 | CVE-2015-3167 | Information Exposure vulnerability in multiple products contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack. | 7.5 |