Vulnerabilities > Canonical > Ubuntu Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-25 | CVE-2019-10018 | Divide By Zero vulnerability in multiple products An issue was discovered in Xpdf 4.01.01. | 5.5 |
| 2019-03-21 | CVE-2019-9903 | Out-of-bounds Write vulnerability in multiple products PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. | 6.5 |
| 2019-03-21 | CVE-2019-7222 | The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. | 5.5 |
| 2019-03-21 | CVE-2019-6454 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in sd-bus in systemd 239. local low complexity systemd-project opensuse netapp debian fedoraproject canonical redhat mcafee CWE-787 | 5.5 |
| 2019-03-21 | CVE-2019-3832 | Out-of-bounds Read vulnerability in multiple products It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. | 5.5 |
| 2019-03-21 | CVE-2018-18849 | Out-of-bounds Read vulnerability in multiple products In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. | 5.5 |
| 2019-03-12 | CVE-2019-9721 | Out-of-bounds Read vulnerability in multiple products A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. | 6.5 |
| 2019-03-12 | CVE-2019-9718 | Out-of-bounds Read vulnerability in multiple products In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. | 6.5 |
| 2019-03-06 | CVE-2019-3824 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. | 6.5 |
| 2019-03-05 | CVE-2019-9213 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. | 5.5 |