Vulnerabilities > Canonical > Ubuntu Linux > 14.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-05 | CVE-2018-18506 | When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. | 5.9 |
| 2019-02-05 | CVE-2018-18505 | Improper Authentication vulnerability in Mozilla Firefox and Firefox ESR An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. | 7.5 |
| 2019-02-05 | CVE-2018-18504 | Out-of-bounds Read vulnerability in multiple products A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. | 7.5 |
| 2019-02-05 | CVE-2018-18503 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. | 6.8 |
| 2019-02-05 | CVE-2018-18502 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 64. | 10.0 |
| 2019-02-05 | CVE-2018-18501 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. | 7.5 |
| 2019-02-05 | CVE-2018-18500 | Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. | 7.5 |
| 2019-02-04 | CVE-2019-1000020 | Infinite Loop vulnerability in multiple products libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. | 6.5 |
| 2019-02-04 | CVE-2019-1000019 | Out-of-bounds Read vulnerability in multiple products libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). | 6.5 |
| 2019-02-04 | CVE-2019-1000018 | Command Injection vulnerability in multiple products rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. | 7.8 |