Ubuntu_linux - Vulncode-DB

Date	Id	Summary	Products	Score
2019-02-25	CVE-2019-9162	In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper.	Ubuntu_linux, Linux_kernel, Cn1610_firmware, Hci_management_node, Snapprotect, Solidfire	7.8
2019-03-09	CVE-2019-9638	An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.	Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php, Software_collections	7.5
2019-03-09	CVE-2019-9639	An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.	Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php, Software_collections	7.5
2019-03-09	CVE-2019-9640	An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.	Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php, Software_collections	7.5
2019-03-09	CVE-2019-9641	An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.	Ubuntu_linux, Debian_linux, Storage_automation_store, Leap, Php	9.8
2019-03-22	CVE-2019-9924	rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.	Ubuntu_linux, Debian_linux, Bash, Hci_management_node, Solidfire, Leap	7.8
2019-10-29	CVE-2019-15681	LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.	Ubuntu_linux, Debian_linux, Libvncserver, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	7.5
2018-12-19	CVE-2018-20019	LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution	Ubuntu_linux, Debian_linux, Libvncserver, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware	9.8
2019-09-27	CVE-2019-11740	Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.	Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap	8.8
2019-12-03	CVE-2019-19534	In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.	Ubuntu_linux, Debian_linux, Linux_kernel	2.4

Product: Ubuntu_linux (Canonical)

Product:
Ubuntu_linux
(Canonical)