Vulnerabilities > Canonical > Ubuntu Linux > 18.04

DATE CVE VULNERABILITY TITLE RISK
2019-04-23 CVE-2019-2602 Resource Exhaustion vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
7.5
2019-04-23 CVE-2019-2592 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS).
network
low complexity
oracle canonical fedoraproject redhat
4.9
2019-04-23 CVE-2019-2581 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical fedoraproject redhat
4.9
2019-04-23 CVE-2019-2566 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in).
network
low complexity
oracle canonical
4.0
2019-04-23 CVE-2019-7304 Incorrect Authorization vulnerability in Canonical Snapd
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root.
network
low complexity
canonical CWE-863
critical
9.8
2019-04-23 CVE-2019-7303 Unspecified vulnerability in Canonical Snapd and Ubuntu Linux
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host.
network
low complexity
canonical
5.0
2019-04-23 CVE-2019-11474 Incorrect Calculation vulnerability in multiple products
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
6.5
2019-04-22 CVE-2019-11459 Use of Uninitialized Resource vulnerability in multiple products
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
5.5
2019-04-22 CVE-2019-11235 Insufficient Verification of Data Authenticity vulnerability in multiple products
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
7.5
2019-04-22 CVE-2019-11234 Improper Authentication vulnerability in multiple products
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
7.5