18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-07	CVE-2018-5807	Out-of-bounds Read vulnerability in multiple products An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. network libraw canonical CWE-125	6.8
2018-12-07	CVE-2018-18314	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian netapp redhat CWE-119 critical	9.8
2018-12-07	CVE-2018-18313	Out-of-bounds Read vulnerability in multiple products Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. network low complexity perl canonical debian redhat netapp apple CWE-125 critical	9.1
2018-12-07	CVE-2018-18311	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian netapp redhat apple fedoraproject mcafee CWE-190 critical	9.8
2018-12-07	CVE-2018-19931	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. local low complexity gnu netapp canonical CWE-787	7.8
2018-12-05	CVE-2018-18312	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian redhat netapp CWE-119 critical	9.8
2018-12-04	CVE-2018-19854	Information Exposure vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.19.3. local linux canonical CWE-200	1.9
2018-12-04	CVE-2018-19841	Out-of-bounds Read vulnerability in multiple products The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. local low complexity wavpack canonical fedoraproject opensuse debian CWE-125	5.5
2018-12-04	CVE-2018-19840	Infinite Loop vulnerability in multiple products The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero. local low complexity wavpack canonical fedoraproject opensuse CWE-835	5.5
2018-12-03	CVE-2018-19824	Use After Free vulnerability in Linux Kernel In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. local low complexity linux canonical debian CWE-416	4.6