Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/xkbcommon/libxkbcommon
https://github.com/ImageMagick/ImageMagick
https://github.com/kyz/libmspack
https://github.com/FreeRDP/FreeRDP
https://github.com/gpac/gpac
https://github.com/curl/curl
https://github.com/file/file
https://github.com/dbry/WavPack
https://github.com/audreyt/module-signature
https://github.com/Perl/perl5
https://github.com/libarchive/libarchive
https://github.com/rubygems/rubygems
https://github.com/tats/w3m
https://github.com/LibVNC/libvncserver
https://github.com/openvswitch/ovs
https://github.com/ntp-project/ntp
https://github.com/apache/httpd
https://github.com/newsoft/libvncserver
https://github.com/memcached/memcached
https://github.com/WebKit/webkit
https://github.com/libgd/libgd
https://github.com/dosfstools/dosfstools
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/php/php-src
https://github.com/derickr/timelib
https://github.com/glennrp/libpng
https://github.com/openbsd/src
https://git.savannah.gnu.org/git/patch.git
https://github.com/requests/requests
https://github.com/puppetlabs/puppet
https://github.com/beanshell/beanshell
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/simsong/tcpflow
https://github.com/apple/cups
https://github.com/dovecot/core
https://github.com/qpdf/qpdf
https://github.com/lxml/lxml
https://github.com/git/git
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/ImageMagick/ImageMagick6
https://github.com/mm2/Little-CMS
https://github.com/GNOME/pango
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openstack/nova-lxd
https://github.com/moinwiki/moin-1.9
https://github.com/pyca/cryptography
https://github.com/libimobiledevice/libimobiledevice
https://github.com/jpirko/libndp
https://github.com/mysql/mysql-server
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/kennethreitz/requests
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/hexchat/hexchat
https://github.com/mongodb/mongo-python-driver
https://github.com/openstack/glance
https://github.com/openstack/nova
https://github.com/openssh/openssh-portable
#Vulnerabilities 2190
Date ID Summary Products Score Patch Annotated
2018-12-07 CVE-2018-18314 Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Ubuntu_linux, Debian_linux, E\-Series_santricity_os_controller, Snap_creator_framework, Snapcenter, Snapdrive, Perl, Enterprise_linux 9.8
2018-12-07 CVE-2018-18313 Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. Mac_os_x, Ubuntu_linux, Debian_linux, E\-Series_santricity_os_controller, Snap_creator_framework, Snapcenter, Snapdrive, Perl, Enterprise_linux 9.1
2018-12-05 CVE-2018-18312 Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Ubuntu_linux, Debian_linux, E\-Series_santricity_os_controller, Snap_creator_framework, Snapcenter, Snapdrive, Perl, Enterprise_linux 9.8
2018-03-13 CVE-2018-1000127 memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later. Ubuntu_linux, Debian_linux, Memcached, Openstack 7.5
2019-09-03 CVE-2019-10197 A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share. Ubuntu_linux, Debian_linux, Samba 9.1
2018-07-10 CVE-2018-1116 A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure. Ubuntu_linux, Debian_linux, Polkit 7.1
2009-08-27 CVE-2009-2698 The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket. Ubuntu_linux, Linux_kernel, Linux_enterprise_desktop, Linux_enterprise_server N/A
2019-01-09 CVE-2019-5747 An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679. Busybox, Ubuntu_linux 7.5
2019-01-09 CVE-2018-20679 An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes. Busybox, Ubuntu_linux 7.5
2019-08-29 CVE-2019-11476 An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process. Ubuntu_linux 7.8