18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-28	CVE-2019-6978	Double Free vulnerability in multiple products The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. network low complexity libgd debian canonical CWE-415 critical	9.8
2019-01-27	CVE-2019-6977	Out-of-bounds Write vulnerability in multiple products gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. network low complexity libgd php debian canonical netapp CWE-787	8.8
2019-01-25	CVE-2019-3819	Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. local low complexity linux debian canonical opensuse CWE-835	4.9
2019-01-23	CVE-2019-6706	Use After Free vulnerability in multiple products Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. network low complexity lua canonical CWE-416	7.5
2019-01-16	CVE-2018-5740	Reachable Assertion vulnerability in multiple products "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. network low complexity isc redhat debian netapp canonical hp opensuse CWE-617	5.0
2019-01-16	CVE-2018-5738	Information Exposure vulnerability in multiple products Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. network low complexity isc canonical CWE-200	5.0
2019-01-16	CVE-2019-2537	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle canonical debian netapp mariadb redhat	4.0
2019-01-16	CVE-2019-2534	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). network low complexity oracle canonical netapp redhat	7.1
2019-01-16	CVE-2019-2532	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). network low complexity oracle netapp canonical redhat	4.9
2019-01-16	CVE-2019-2531	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). network low complexity oracle netapp canonical redhat	4.9