Vulnerabilities > Canonical > Ubuntu Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-12-01 CVE-2019-18609 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0.
network
low complexity
rabbitmq-c-project fedoraproject canonical debian CWE-787
critical
 9.8
9.8
2019-11-29 CVE-2019-14897 A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver.
network
low complexity
linux debian canonical
critical
 9.8
9.8
2019-11-29 CVE-2019-14901 A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver.
network
low complexity
linux fedoraproject debian canonical
critical
 9.8
9.8
2019-11-29 CVE-2019-14895 A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver.
network
low complexity
linux debian canonical fedoraproject opensuse
critical
 9.8
9.8
2019-11-27 CVE-2019-19330 Injection vulnerability in multiple products
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.
network
low complexity
haproxy canonical debian CWE-74
critical
 9.8
9.8
2019-11-27 CVE-2019-14896 A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver.
network
low complexity
linux redhat fedoraproject canonical debian
critical
 9.8
9.8
2019-11-26 CVE-2019-12523 An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian
critical
 9.1
9.1
2019-11-26 CVE-2019-12526 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian CWE-787
critical
 9.8
9.8
2019-11-20 CVE-2015-3166 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.
network
low complexity
postgresql debian canonical CWE-119
critical
 9.8
9.8
2019-10-31 CVE-2019-13508 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
FreeTDS through 1.1.11 has a Buffer Overflow.
network
low complexity
freetds canonical CWE-119
critical
 9.8
9.8