Ubuntu_linux - Vulncode-DB

Date	Id	Summary	Products	Score
2019-10-04	CVE-2019-17133	In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.	Ubuntu_linux, Debian_linux, Linux_kernel, Leap	9.8
2019-11-27	CVE-2019-10220	Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.	Ubuntu_linux, Debian_linux, Linux_kernel	8.8
2019-10-16	CVE-2019-2988	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE...	Ubuntu_linux, Debian_linux, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, E\-Series_santricity_web_services_proxy, Oncommand_workflow_automation, Snapmanager, Leap, Jdk, Jre, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite	3.7
2019-10-16	CVE-2019-2992	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE...	Ubuntu_linux, Debian_linux, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, E\-Series_santricity_web_services_proxy, Oncommand_workflow_automation, Snapmanager, Leap, Jdk, Jre, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite	3.7
2011-07-29	CVE-2011-2694	Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).	Ubuntu_linux, Debian_linux, Samba	N/A
2014-02-18	CVE-2014-1943	Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.	Ubuntu_linux, Debian_linux, Fine_free_file, Php	N/A
2019-12-03	CVE-2019-19524	In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.	Ubuntu_linux, Debian_linux, Linux_kernel	4.6
2019-12-03	CVE-2019-19526	In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.	Ubuntu_linux, Linux_kernel, Leap	4.6
2019-12-24	CVE-2019-19948	In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.	Ubuntu_linux, Debian_linux, Imagemagick, Leap	9.8
2019-12-24	CVE-2019-19949	In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.	Ubuntu_linux, Debian_linux, Imagemagick, Leap	9.1

Product: Ubuntu_linux (Canonical)

Product:
Ubuntu_linux
(Canonical)