Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-06-19 | CVE-2019-12436 | Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit. | Ubuntu_linux, Samba | 6.5 | ||
| 2019-06-19 | CVE-2019-12900 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | Bzip2, Ubuntu_linux, Debian_linux, Freebsd, Leap, Python | 9.8 | ||
| 2019-06-24 | CVE-2018-20843 | In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). | Ubuntu_linux, Debian_linux, Fedora, Libexpat, Leap, Hospitality_res_3700, Http_server, Outside_in_technology, Nessus | 7.5 | ||
| 2019-06-25 | CVE-2019-12817 | arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Leap, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus | 7.0 | ||
| 2019-06-26 | CVE-2019-12972 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. | Ubuntu_linux, Binutils, Leap | 5.5 | ||
| 2019-06-27 | CVE-2018-6156 | Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | Ubuntu_linux, Chrome | 8.8 | ||
| 2019-06-27 | CVE-2019-5827 | Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Ubuntu_linux, Debian_linux, Fedora, Chrome, Backports, Leap | 8.8 | ||
| 2019-06-29 | CVE-2019-13038 | mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL. | Ubuntu_linux, Fedora, Mod_auth_mellon, Zfs_storage_appliance_kit | 6.1 | ||
| 2019-06-30 | CVE-2019-13110 | A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file. | Ubuntu_linux, Debian_linux, Exiv2, Fedora | 6.5 | ||
| 2019-06-30 | CVE-2019-13112 | A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file. | Ubuntu_linux, Debian_linux, Exiv2, Fedora | 6.5 |