Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/xkbcommon/libxkbcommon
https://github.com/ImageMagick/ImageMagick
https://github.com/kyz/libmspack
https://github.com/FreeRDP/FreeRDP
https://github.com/gpac/gpac
https://github.com/curl/curl
https://github.com/file/file
https://github.com/dbry/WavPack
https://github.com/audreyt/module-signature
https://github.com/Perl/perl5
https://github.com/libarchive/libarchive
https://github.com/rubygems/rubygems
https://github.com/tats/w3m
https://github.com/LibVNC/libvncserver
https://github.com/openvswitch/ovs
https://github.com/ntp-project/ntp
https://github.com/apache/httpd
https://github.com/newsoft/libvncserver
https://github.com/memcached/memcached
https://github.com/WebKit/webkit
https://github.com/libgd/libgd
https://github.com/dosfstools/dosfstools
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/php/php-src
https://github.com/derickr/timelib
https://github.com/glennrp/libpng
https://github.com/openbsd/src
https://git.savannah.gnu.org/git/patch.git
https://github.com/requests/requests
https://github.com/puppetlabs/puppet
https://github.com/beanshell/beanshell
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/simsong/tcpflow
https://github.com/apple/cups
https://github.com/dovecot/core
https://github.com/qpdf/qpdf
https://github.com/lxml/lxml
https://github.com/git/git
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/ImageMagick/ImageMagick6
https://github.com/mm2/Little-CMS
https://github.com/GNOME/pango
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openstack/nova-lxd
https://github.com/moinwiki/moin-1.9
https://github.com/pyca/cryptography
https://github.com/libimobiledevice/libimobiledevice
https://github.com/jpirko/libndp
https://github.com/mysql/mysql-server
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/kennethreitz/requests
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/hexchat/hexchat
https://github.com/mongodb/mongo-python-driver
https://github.com/openstack/glance
https://github.com/openstack/nova
https://github.com/openssh/openssh-portable
#Vulnerabilities 2190
Date ID Summary Products Score Patch
2019-08-29 CVE-2019-15717 Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. Ubuntu_linux, Irssi 9.8
2019-04-18 CVE-2019-11324 The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. Ubuntu_linux, Urllib3 7.5
2018-12-06 CVE-2018-9568 In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. Ubuntu_linux, Android, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization 7.8
2018-12-28 CVE-2018-20551 A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c. Ubuntu_linux, Poppler 6.5
2018-12-03 CVE-2018-19824 In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. Ubuntu_linux, Debian_linux, Linux_kernel 7.8
2018-11-07 CVE-2018-16845 nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an... Ubuntu_linux, Debian_linux, Nginx, Enterprise_linux 6.1
2018-11-07 CVE-2018-16844 nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file. Ubuntu_linux, Debian_linux, Nginx 7.5
2018-11-07 CVE-2018-16843 nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file. Ubuntu_linux, Debian_linux, Nginx 7.5
2019-01-14 CVE-2019-6251 WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. Ubuntu_linux, Fedora, Epiphany, Leap, Webkitgtk, Wpe_webkit 8.1
2018-04-17 CVE-2018-6913 Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. Ubuntu_linux, Debian_linux, Perl 9.8