Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-03	CVE-2019-5052	Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. network low complexity libsdl debian opensuse canonical CWE-190	8.8
2019-07-03	CVE-2019-5051	Improper Handling of Exceptional Conditions vulnerability in multiple products An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. network low complexity libsdl debian opensuse canonical CWE-755	8.8
2019-07-03	CVE-2019-13164	qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass. local low complexity qemu debian opensuse canonical	7.8
2019-07-01	CVE-2019-13137	Memory Leak vulnerability in multiple products ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c. network low complexity imagemagick debian canonical CWE-401	6.5
2019-07-01	CVE-2019-13135	Use of Uninitialized Resource vulnerability in multiple products ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. network low complexity imagemagick debian canonical f5 CWE-908	8.8
2019-07-01	CVE-2019-12781	Cleartext Transmission of Sensitive Information vulnerability in multiple products An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. network low complexity djangoproject canonical debian CWE-319	5.3
2019-07-01	CVE-2019-13118	Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. network low complexity xmlsoft opensuse netapp oracle fedoraproject canonical apple CWE-843	5.3
2019-07-01	CVE-2019-13117	Use of Uninitialized Resource vulnerability in multiple products In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. network low complexity xmlsoft debian canonical fedoraproject opensuse oracle CWE-908	5.3
2019-06-30	CVE-2019-13114	NULL Pointer Dereference vulnerability in multiple products http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character. network low complexity exiv2 fedoraproject debian canonical CWE-476	6.5
2019-06-30	CVE-2019-13113	Reachable Assertion vulnerability in multiple products Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file. network low complexity exiv2 fedoraproject canonical CWE-617	6.5