Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-31	CVE-2017-18360	Divide By Zero vulnerability in multiple products In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates. local low complexity linux canonical CWE-369	5.5
2019-01-30	CVE-2018-17199	Session Fixation vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. network low complexity apache debian netapp canonical oracle CWE-384	7.5
2019-01-30	CVE-2018-17189	Resource Exhaustion vulnerability in multiple products In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. network low complexity apache netapp fedoraproject debian oracle canonical redhat CWE-400	5.3
2019-01-30	CVE-2018-20750	Out-of-bounds Write vulnerability in multiple products LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. network low complexity libvnc-project canonical debian siemens CWE-787 critical	9.8
2019-01-30	CVE-2018-20749	Out-of-bounds Write vulnerability in multiple products LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. network low complexity libvnc-project canonical debian siemens CWE-787 critical	9.8
2019-01-30	CVE-2018-20748	Out-of-bounds Write vulnerability in multiple products LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. network low complexity libvnc-project debian canonical siemens CWE-787 critical	9.8
2019-01-29	CVE-2018-16880	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. local high complexity linux canonical CWE-787	7.0
2019-01-29	CVE-2019-7150	Out-of-bounds Read vulnerability in multiple products An issue was discovered in elfutils 0.175. local low complexity elfutils-project debian canonical opensuse redhat CWE-125	5.5
2019-01-28	CVE-2019-3462	Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. network high complexity debian canonical netapp	8.1
2019-01-28	CVE-2018-10910	A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. local low complexity bluez canonical	3.3