Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-12-19 CVE-2018-20023 Improper Initialization vulnerability in multiple products
LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure.
network
low complexity
libvnc-project debian canonical CWE-665
5.0
2018-12-19 CVE-2018-20022 Improper Initialization vulnerability in multiple products
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure.
network
low complexity
libvnc-project debian canonical CWE-665
5.0
2018-12-17 CVE-2018-20123 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.
local
low complexity
qemu canonical fedoraproject CWE-772
5.5
2018-12-17 CVE-2018-20169 Resource Exhaustion vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.19.9.
low complexity
linux canonical debian CWE-400
6.8
2018-12-13 CVE-2018-16872 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
A flaw was found in qemu Media Transfer Protocol (MTP).
5.3
2018-12-13 CVE-2018-19489 Race Condition vulnerability in multiple products
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
4.7
2018-12-13 CVE-2018-19364 Use After Free vulnerability in multiple products
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
5.5
2018-12-07 CVE-2018-5812 NULL Pointer Dereference vulnerability in multiple products
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.
4.3
2018-12-07 CVE-2018-5811 Out-of-bounds Read vulnerability in multiple products
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
4.3
2018-12-07 CVE-2018-5810 Out-of-bounds Write vulnerability in multiple products
An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
6.8