Vulnerabilities > Canonical > Ubuntu Linux > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-05 | CVE-2019-13305 | Off-by-one Error vulnerability in multiple products ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error. | 7.8 |
2019-07-05 | CVE-2019-13304 | Out-of-bounds Write vulnerability in multiple products ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment. | 7.8 |
2019-07-05 | CVE-2019-13300 | Out-of-bounds Write vulnerability in multiple products ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns. | 8.8 |
2019-07-05 | CVE-2019-13297 | Out-of-bounds Read vulnerability in multiple products ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. | 8.8 |
2019-07-05 | CVE-2019-13295 | Out-of-bounds Read vulnerability in multiple products ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. | 8.8 |
2019-07-04 | CVE-2019-13241 | Path Traversal vulnerability in multiple products FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. | 7.8 |
2019-07-03 | CVE-2019-5052 | Integer Overflow or Wraparound vulnerability in multiple products An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. | 8.8 |
2019-07-03 | CVE-2019-5051 | Improper Handling of Exceptional Conditions vulnerability in multiple products An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. | 8.8 |
2019-07-03 | CVE-2019-13164 | qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass. | 7.8 |
2019-07-01 | CVE-2019-13135 | Use of Uninitialized Resource vulnerability in multiple products ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | 8.8 |