Vulnerabilities > Canonical > Ubuntu Linux > 14.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-30 | CVE-2018-20749 | Out-of-bounds Write vulnerability in multiple products LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. | 7.5 |
| 2019-01-30 | CVE-2018-20748 | Out-of-bounds Write vulnerability in multiple products LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. | 7.5 |
| 2019-01-28 | CVE-2019-3462 | Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. | 8.1 |
| 2019-01-28 | CVE-2019-6978 | Double Free vulnerability in multiple products The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. | 9.8 |
| 2019-01-27 | CVE-2019-6977 | Out-of-bounds Write vulnerability in multiple products gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. | 8.8 |
| 2019-01-25 | CVE-2019-3819 | Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. | 4.9 |
| 2019-01-16 | CVE-2018-5740 | Reachable Assertion vulnerability in multiple products "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. | 5.0 |
| 2019-01-16 | CVE-2018-5733 | Integer Overflow or Wraparound vulnerability in multiple products A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. | 5.0 |
| 2019-01-16 | CVE-2017-3144 | Resource Exhaustion vulnerability in multiple products A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. | 5.0 |
| 2019-01-16 | CVE-2019-2422 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). | 3.1 |