Vulnerabilities > Canonical > Ubuntu Linux > 18.04

DATE CVE VULNERABILITY TITLE RISK
2018-11-07 CVE-2018-19060 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Poppler 0.71.0.
4.3
2018-11-07 CVE-2018-19059 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Poppler 0.71.0.
4.3
2018-11-07 CVE-2018-19058 Always-Incorrect Control Flow Implementation vulnerability in multiple products
An issue was discovered in Poppler 0.71.0.
network
low complexity
freedesktop canonical debian redhat CWE-670
6.5
2018-11-07 CVE-2018-16845 Resource Exhaustion vulnerability in multiple products
nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file.
5.8
2018-11-07 CVE-2018-16844 Resource Exhaustion vulnerability in multiple products
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage.
network
low complexity
f5 debian canonical apple CWE-400
7.8
2018-11-07 CVE-2018-16843 Resource Exhaustion vulnerability in multiple products
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption.
network
low complexity
f5 debian canonical opensuse apple CWE-400
7.8
2018-11-06 CVE-2018-9516 Out-of-bounds Write vulnerability in multiple products
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google debian canonical CWE-787
7.2
2018-11-06 CVE-2018-9415 Double Free vulnerability in multiple products
In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking.
local
low complexity
google canonical CWE-415
4.6
2018-11-06 CVE-2018-9363 Integer Overflow or Wraparound vulnerability in multiple products
In the hidp_process_report in bluetooth, there is an integer overflow.
local
low complexity
google canonical debian linux CWE-190
8.4
2018-11-02 CVE-2018-16847 Out-of-bounds Read vulnerability in multiple products
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU.
local
low complexity
qemu canonical CWE-125
4.6