Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-02-18 CVE-2019-8907 Out-of-bounds Write vulnerability in multiple products
do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
6.8
2019-02-18 CVE-2019-8904 Out-of-bounds Read vulnerability in multiple products
do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
6.8
2019-02-15 CVE-2019-8354 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in SoX 14.4.2.
5.0
2019-02-09 CVE-2019-7665 Out-of-bounds Read vulnerability in multiple products
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf.
4.3
2019-02-09 CVE-2019-7663 An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. 4.3
2019-02-07 CVE-2019-7582 Allocation of Resources Without Limits or Throttling vulnerability in Libming
The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure.
6.8
2019-02-07 CVE-2019-7581 Allocation of Resources Without Limits or Throttling vulnerability in Libming
The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876.
6.8
2019-02-06 CVE-2018-20763 Out-of-bounds Write vulnerability in multiple products
In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.
6.8
2019-02-06 CVE-2018-20762 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.
6.8
2019-02-06 CVE-2018-20761 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.
6.8