Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-11	CVE-2019-0220	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. network low complexity apache opensuse debian fedoraproject canonical CWE-706	5.3
2019-06-11	CVE-2019-12749	Link Following vulnerability in multiple products dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. local low complexity freedesktop canonical CWE-59	7.1
2019-06-10	CVE-2019-12387	Injection vulnerability in multiple products In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. network low complexity twisted fedoraproject canonical oracle CWE-74	6.1
2019-06-07	CVE-2019-2101	Out-of-bounds Read vulnerability in multiple products In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. local low complexity google debian canonical CWE-125	5.5
2019-06-07	CVE-2019-10160	A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. network low complexity python redhat debian opensuse fedoraproject canonical netapp critical	9.8
2019-06-05	CVE-2019-10149	OS Command Injection vulnerability in multiple products A flaw was found in Exim versions 4.87 to 4.91 (inclusive). network low complexity exim debian canonical CWE-78 critical	9.8
2019-06-03	CVE-2019-12614	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. local high complexity linux redhat canonical opensuse fedoraproject CWE-476	4.1
2019-06-03	CVE-2019-11356	Out-of-bounds Write vulnerability in multiple products The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. network low complexity cyrus fedoraproject debian canonical redhat CWE-787 critical	9.8
2019-06-03	CVE-2019-3846	A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. low complexity linux redhat canonical netapp fedoraproject debian opensuse	8.8
2019-05-30	CVE-2019-8457	Out-of-bounds Read vulnerability in multiple products SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. network low complexity sqlite canonical opensuse fedoraproject CWE-125 critical	9.8