Total
3980 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9848 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5. | |||||
| CVE-2019-13962 | 4 Canonical, Debian, Opensuse and 1 more | 5 Ubuntu Linux, Debian Linux, Backports Sle and 2 more | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. | |||||
| CVE-2019-9849 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-04-18 | 4.0 MEDIUM | 4.3 MEDIUM |
| LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5. | |||||
| CVE-2019-13602 | 4 Canonical, Debian, Opensuse and 1 more | 5 Ubuntu Linux, Debian Linux, Backports Sle and 2 more | 2022-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. | |||||
| CVE-2019-13377 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2022-04-18 | 4.3 MEDIUM | 5.9 MEDIUM |
| The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery. | |||||
| CVE-2019-14763 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2022-04-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid. | |||||
| CVE-2019-12418 | 6 Apache, Canonical, Debian and 3 more | 6 Tomcat, Ubuntu Linux, Debian Linux and 3 more | 2022-04-18 | 4.4 MEDIUM | 7.0 HIGH |
| When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. | |||||
| CVE-2019-18786 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2022-04-18 | 2.1 LOW | 5.5 MEDIUM |
| In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem. | |||||
| CVE-2019-18683 | 6 Broadcom, Canonical, Debian and 3 more | 23 Fabric Operating System, Ubuntu Linux, Debian Linux and 20 more | 2022-04-18 | 6.9 MEDIUM | 7.0 HIGH |
| An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free. | |||||
| CVE-2019-2214 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2022-04-18 | 7.2 HIGH | 7.8 HIGH |
| In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-136210786References: Upstream kernel | |||||
| CVE-2019-14287 | 7 Canonical, Debian, Fedoraproject and 4 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2022-04-18 | 9.0 HIGH | 8.8 HIGH |
| In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. | |||||
| CVE-2020-15705 | 7 Canonical, Debian, Gnu and 4 more | 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more | 2022-04-18 | 4.4 MEDIUM | 6.4 MEDIUM |
| GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. | |||||
| CVE-2020-6814 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | |||||
| CVE-2019-18808 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2022-04-18 | 2.1 LOW | 5.5 MEDIUM |
| A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. | |||||
| CVE-2019-19244 | 4 Canonical, Oracle, Siemens and 1 more | 4 Ubuntu Linux, Mysql Workbench, Sinec Infrastructure Network Services and 1 more | 2022-04-15 | 5.0 MEDIUM | 7.5 HIGH |
| sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. | |||||
| CVE-2018-20549 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-04-15 | 6.8 MEDIUM | 8.8 HIGH |
| There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. | |||||
| CVE-2018-20548 | 4 Canonical, Fedoraproject, Libcaca Project and 1 more | 4 Ubuntu Linux, Fedora, Libcaca and 1 more | 2022-04-15 | 6.8 MEDIUM | 8.8 HIGH |
| There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data. | |||||
| CVE-2018-20547 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2022-04-15 | 5.8 MEDIUM | 8.1 HIGH |
| There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. | |||||
| CVE-2013-5704 | 5 Apache, Apple, Canonical and 2 more | 16 Http Server, Mac Os X, Mac Os X Server and 13 more | 2022-04-14 | 5.0 MEDIUM | N/A |
| The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." | |||||
| CVE-2019-15166 | 8 Apple, Canonical, Debian and 5 more | 10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more | 2022-04-13 | 5.0 MEDIUM | 7.5 HIGH |
| lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | |||||