Filtered by vendor Canonical
Subscribe
Total
4214 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-18808 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. | |||||
| CVE-2019-19462 | 5 Canonical, Debian, Linux and 2 more | 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more | 2023-11-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. | |||||
| CVE-2019-19906 | 8 Apache, Apple, Canonical and 5 more | 20 Bookkeeper, Ipados, Iphone Os and 17 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl. | |||||
| CVE-2019-19059 | 3 Canonical, Fedoraproject, Linux | 3 Ubuntu Linux, Fedora, Linux Kernel | 2023-11-07 | 4.7 MEDIUM | 4.7 MEDIUM |
| Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa. | |||||
| CVE-2019-17571 | 6 Apache, Canonical, Debian and 3 more | 17 Bookkeeper, Log4j, Ubuntu Linux and 14 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. | |||||
| CVE-2019-18609 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer. | |||||
| CVE-2019-16884 | 6 Canonical, Docker, Fedoraproject and 3 more | 10 Ubuntu Linux, Docker, Fedora and 7 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. | |||||
| CVE-2019-17266 | 2 Canonical, Gnome | 2 Ubuntu Linux, Libsoup | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy. | |||||
| CVE-2019-17455 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request. | |||||
| CVE-2019-18676 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme. | |||||
| CVE-2019-17134 | 2 Canonical, Opendev | 2 Ubuntu Linux, Octavia | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED. | |||||
| CVE-2019-17666 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2023-11-07 | 8.3 HIGH | 8.8 HIGH |
| rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | |||||
| CVE-2019-17451 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Binutils, Leap | 2023-11-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm. | |||||
| CVE-2019-16866 | 2 Canonical, Nlnetlabs | 2 Ubuntu Linux, Unbound | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule. | |||||
| CVE-2019-18677 | 3 Canonical, Fedoraproject, Squid-cache | 3 Ubuntu Linux, Fedora, Squid | 2023-11-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to. | |||||
| CVE-2019-18218 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). | |||||
| CVE-2019-17055 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2023-11-07 | 2.1 LOW | 3.3 LOW |
| base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | |||||
| CVE-2019-18408 | 4 Canonical, Debian, Libarchive and 1 more | 4 Ubuntu Linux, Debian Linux, Libarchive and 1 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol. | |||||
| CVE-2019-18679 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks. | |||||
| CVE-2019-17563 | 5 Apache, Canonical, Debian and 2 more | 11 Tomcat, Ubuntu Linux, Debian Linux and 8 more | 2023-11-07 | 5.1 MEDIUM | 7.5 HIGH |
| When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. | |||||