Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-19	CVE-2018-20019	Out-of-bounds Write vulnerability in multiple products LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution network low complexity libvnc-project canonical debian siemens CWE-787 critical	9.8
2018-12-19	CVE-2018-15127	Out-of-bounds Write vulnerability in multiple products LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution network low complexity libvnc-project canonical redhat debian CWE-787 critical	9.8
2018-12-19	CVE-2018-15126	Use After Free vulnerability in multiple products LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution network low complexity libvnc-project canonical debian CWE-416 critical	9.8
2018-12-18	CVE-2018-16884	A flaw was found in the Linux kernel's NFS41+ subsystem. low complexity linux redhat debian canonical	8.0
2018-12-17	CVE-2018-20185	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. network high complexity graphicsmagick debian canonical CWE-125	5.3
2018-12-17	CVE-2018-20123	Missing Release of Resource after Effective Lifetime vulnerability in multiple products pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. local low complexity qemu canonical fedoraproject CWE-772	5.5
2018-12-17	CVE-2018-20169	Resource Exhaustion vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.9. low complexity linux canonical debian CWE-400	6.8
2018-12-13	CVE-2018-16872	A flaw was found in qemu Media Transfer Protocol (MTP). network high complexity qemu debian fedoraproject canonical opensuse	5.3
2018-12-13	CVE-2018-19489	Race Condition vulnerability in multiple products v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. local high complexity qemu debian fedoraproject canonical opensuse CWE-362	4.7
2018-12-13	CVE-2018-19364	Use After Free vulnerability in multiple products hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. local low complexity qemu canonical debian fedoraproject opensuse CWE-416	5.5