Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-08	CVE-2019-5188	Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. local low complexity e2fsprogs-project fedoraproject debian canonical opensuse netapp CWE-787	6.7
2020-01-05	CVE-2019-19911	Integer Overflow or Wraparound vulnerability in multiple products There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. network low complexity python debian fedoraproject canonical CWE-190	7.5
2020-01-03	CVE-2019-19959	ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. network low complexity sqlite canonical	7.5
2020-01-03	CVE-2020-5313	Out-of-bounds Read vulnerability in multiple products libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. network low complexity python debian canonical fedoraproject CWE-125	7.1
2020-01-03	CVE-2020-5312	Classic Buffer Overflow vulnerability in multiple products libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. network low complexity python canonical debian fedoraproject CWE-120 critical	9.8
2020-01-03	CVE-2020-5311	Classic Buffer Overflow vulnerability in multiple products libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. network low complexity python debian canonical fedoraproject CWE-120 critical	9.8
2020-01-03	CVE-2020-5310	Integer Overflow or Wraparound vulnerability in multiple products libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. network low complexity python canonical fedoraproject CWE-190	8.8
2020-01-02	CVE-2013-4532	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. local low complexity qemu canonical debian CWE-119	7.8
2020-01-02	CVE-2019-20218	Improper Handling of Exceptional Conditions vulnerability in multiple products selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. network low complexity sqlite debian canonical oracle CWE-755	7.5
2019-12-31	CVE-2013-4357	Classic Buffer Overflow vulnerability in multiple products The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. network low complexity eglibc novell debian canonical fedoraproject CWE-120	7.5