Vulnerabilities > Canonical > Ubuntu Linux > 18.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-10 | CVE-2019-17451 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. | 6.5 |
| 2019-10-10 | CVE-2019-17450 | Uncontrolled Recursion vulnerability in multiple products find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | 6.5 |
| 2019-10-09 | CVE-2019-17402 | Classic Buffer Overflow vulnerability in multiple products Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. | 6.5 |
| 2019-10-06 | CVE-2019-17266 | Out-of-bounds Read vulnerability in multiple products libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy. | 9.8 |
| 2019-10-04 | CVE-2019-17133 | Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | 9.8 |
| 2019-10-03 | CVE-2019-15165 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | 5.3 |
| 2019-10-03 | CVE-2019-15166 | Classic Buffer Overflow vulnerability in multiple products lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | 7.5 |
| 2019-10-01 | CVE-2019-17055 | Missing Authorization vulnerability in multiple products base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | 3.3 |
| 2019-10-01 | CVE-2019-17052 | Incorrect Default Permissions vulnerability in multiple products ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. | 3.3 |
| 2019-09-28 | CVE-2019-16935 | Cross-site Scripting vulnerability in multiple products The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. | 6.1 |