Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2018-20615	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. network low complexity haproxy opensuse canonical redhat CWE-125	7.5
2019-03-21	CVE-2018-18898	Resource Exhaustion vulnerability in multiple products The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. network low complexity bestpractical fedoraproject canonical debian CWE-400	7.5
2019-03-21	CVE-2018-18849	Out-of-bounds Read vulnerability in multiple products In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. local low complexity qemu opensuse fedoraproject canonical CWE-125	5.5
2019-03-12	CVE-2019-9721	Out-of-bounds Read vulnerability in multiple products A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. network low complexity ffmpeg canonical CWE-125	6.5
2019-03-12	CVE-2019-9718	Out-of-bounds Read vulnerability in multiple products In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. network low complexity ffmpeg debian canonical CWE-125	6.5
2019-03-11	CVE-2019-9675	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. network high complexity php canonical opensuse CWE-119	8.1
2019-03-11	CVE-2019-9656	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibOFX 0.9.14. network low complexity libofx-project debian canonical CWE-476	8.8
2019-03-09	CVE-2019-9641	Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp CWE-908 critical	9.8
2019-03-09	CVE-2019-9640	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php canonical debian opensuse netapp redhat CWE-125	7.5
2019-03-09	CVE-2019-9639	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp redhat CWE-909	7.5