Vulnerabilities > Canonical > Ubuntu Linux > 18.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-19 | CVE-2018-20020 | Out-of-bounds Write vulnerability in multiple products LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution | 7.5 |
| 2018-12-19 | CVE-2018-20019 | Out-of-bounds Write vulnerability in multiple products LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution | 7.5 |
| 2018-12-19 | CVE-2018-15127 | Out-of-bounds Write vulnerability in multiple products LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution | 7.5 |
| 2018-12-19 | CVE-2018-15126 | Use After Free vulnerability in multiple products LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution | 7.5 |
| 2018-12-17 | CVE-2018-20185 | Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. | 2.6 |
| 2018-12-17 | CVE-2018-20123 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. | 5.5 |
| 2018-12-13 | CVE-2018-16872 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP). | 5.3 |
| 2018-12-13 | CVE-2018-19489 | Race Condition vulnerability in multiple products v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. | 4.7 |
| 2018-12-13 | CVE-2018-19364 | Use After Free vulnerability in multiple products hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. | 5.5 |
| 2018-12-12 | CVE-2018-20103 | Infinite Loop vulnerability in multiple products An issue was discovered in dns.c in HAProxy through 1.8.14. | 7.5 |