Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/xkbcommon/libxkbcommon
https://github.com/file/file
https://github.com/FreeRDP/FreeRDP
https://github.com/kyz/libmspack
https://github.com/gpac/gpac
https://github.com/curl/curl
https://github.com/krb5/krb5
https://github.com/apache/httpd
https://github.com/madler/zlib
https://github.com/dbry/WavPack
https://github.com/audreyt/module-signature
https://github.com/tats/w3m
https://github.com/libarchive/libarchive
https://github.com/Perl/perl5
https://github.com/libgd/libgd
https://github.com/ntp-project/ntp
https://github.com/LibVNC/libvncserver
https://github.com/openvswitch/ovs
https://github.com/newsoft/libvncserver
https://github.com/rubygems/rubygems
https://github.com/mm2/Little-CMS
https://github.com/memcached/memcached
https://github.com/erikd/libsndfile
https://github.com/dosfstools/dosfstools
https://github.com/php/php-src
https://github.com/WebKit/webkit
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/bcgit/bc-java
• git://git.openssl.org/openssl.git
https://github.com/mdadams/jasper
https://github.com/pyca/cryptography
https://github.com/opencontainers/runc
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openbsd/src
https://github.com/openssh/openssh-portable
https://github.com/openstack/glance
https://github.com/mongodb/mongo-python-driver
https://github.com/jpirko/libndp
https://github.com/FFmpeg/FFmpeg
https://github.com/requests/requests
https://github.com/glennrp/libpng
https://github.com/vim/vim
https://github.com/rdoc/rdoc
https://github.com/ansible/ansible
https://github.com/hexchat/hexchat
https://github.com/GNOME/pango
https://github.com/stoth68000/media-tree
https://github.com/ImageMagick/ImageMagick6
https://github.com/kennethreitz/requests
https://github.com/lxml/lxml
https://github.com/beanshell/beanshell
https://github.com/git/git
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/mysql/mysql-server
https://github.com/dovecot/core
https://github.com/openstack/nova-lxd
https://github.com/apple/cups
https://github.com/derickr/timelib
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/qpdf/qpdf
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://github.com/moinwiki/moin-1.9
https://github.com/libimobiledevice/libimobiledevice
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/openstack/nova
#Vulnerabilities 4108
Date Id Summary Products Score Patch Annotated
2019-12-23 CVE-2019-17563 When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. Tomcat, Ubuntu_linux, Debian_linux, Leap, Agile_engineering_data_management, Hyperion_infrastructure_technology, Instantis_enterprisetrack, Micros_relate_crm_software, Mysql_enterprise_monitor, Retail_order_broker, Transportation_management 7.5
2019-12-23 CVE-2019-12418 When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. Tomcat, Ubuntu_linux, Debian_linux, Oncommand_system_manager, Leap, Workload_manager 7.0
2020-01-05 CVE-2019-19911 There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer. Ubuntu_linux, Debian_linux, Fedora, Pillow 7.5
2020-01-08 CVE-2019-5188 A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Ubuntu_linux, Debian_linux, E2fsprogs, Fedora, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Leap 6.7
2020-01-08 CVE-2019-20367 nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). Ubuntu_linux, Debian_linux, Libbsd, Leap 9.1
2020-01-21 CVE-2019-20386 An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur. Ubuntu_linux, Fedora, Active_iq_unified_manager, Cloud_backup, Steelstore_cloud_integrated_storage, Leap, Systemd 2.4
2020-01-21 CVE-2019-14902 There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers. Ubuntu_linux, Debian_linux, Leap, Samba 5.4
2020-01-28 CVE-2020-0549 Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Ubuntu_linux, Debian_linux, Fedora, Celeron_3855u_firmware, Celeron_3865u_firmware, Celeron_3955u_firmware, Celeron_3965u_firmware, Celeron_3965y_firmware, Celeron_g3900_firmware, Celeron_g3900t_firmware, Celeron_g3900te_firmware, Celeron_g3902e_firmware, Celeron_g3920_firmware, Celeron_g3920t_firmware, Celeron_g3930e_firmware, Celeron_g3930te_firmware, Celeron_g3940_firmware, Celeron_g4900_firmware, Celeron_g4900t_firmware, Celeron_g4920_firmware, Core_i3\-6100_firmware, Core_i3\-6100e_firmware, Core_i3\-6100h_firmware, Core_i3\-6100t_firmware, Core_i3\-6100te_firmware, Core_i3\-6100u_firmware, Core_i3\-6102e_firmware, Core_i3\-6110u_firmware, Core_i3\-6120_firmware, Core_i3\-6120t_firmware, Core_i3\-6167u_firmware, Core_i3\-6300_firmware, Core_i3\-6300t_firmware, Core_i3\-6320_firmware, Core_i3\-6320t_firmware, Core_i3\-7007u_firmware, Core_i3\-7020u_firmware, Core_i3\-7100e_firmware, Core_i3\-7100h_firmware, Core_i3\-7100u_firmware, Core_i3\-7101e_firmware, Core_i3\-7101te_firmware, Core_i3\-7102e_firmware, Core_i3\-7110u_firmware, Core_i3\-7120_firmware, Core_i3\-7120t_firmware, Core_i3\-7130u_firmware, Core_i3\-7167u_firmware, Core_i3\-7320t_firmware, Core_i3\-7340_firmware, Core_i3\-8000_firmware, Core_i3\-8000t_firmware, Core_i3\-8020_firmware, Core_i3\-8100_firmware, Core_i3\-8100h_firmware, Core_i3\-8100t_firmware, Core_i3\-8120_firmware, Core_i3\-8130u_firmware, Core_i3\-8145u_firmware, Core_i3\-8300_firmware, Core_i3\-8300t_firmware, Core_i3\-8350k_firmware, Core_i4205u_firmware, Core_i5405u_firmware, Core_i5\-6200u_firmware, Core_i5\-6210u_firmware, Core_i5\-6260u_firmware, Core_i5\-6267u_firmware, Core_i5\-6287u_firmware, Core_i5\-6300hq_firmware, Core_i5\-6300u_firmware, Core_i5\-6310u_firmware, Core_i5\-6350hq_firmware, Core_i5\-6360u_firmware, Core_i5\-6400_firmware, Core_i5\-6400t_firmware, Core_i5\-6440eq_firmware, Core_i5\-6440hq_firmware, Core_i5\-6442eq_firmware, Core_i5\-6500_firmware, Core_i5\-6500t_firmware, Core_i5\-6500te_firmware, Core_i5\-6600_firmware, Core_i5\-6600k_firmware, Core_i5\-6600t_firmware, Core_i5\-7200u_firmware, Core_i5\-7210u_firmware, Core_i5\-7260u_firmware, Core_i5\-7267u_firmware, Core_i5\-7287u_firmware, Core_i5\-7300hq_firmware, Core_i5\-7300u_firmware, Core_i5\-7360u_firmware, Core_i5\-7400_firmware, Core_i5\-7400t_firmware, Core_i5\-7440eq_firmware, Core_i5\-7440hq_firmware, Core_i5\-7442eq_firmware, Core_i5\-7500_firmware, Core_i5\-7500t_firmware, Core_i5\-7500u_firmware, Core_i5\-7600_firmware, Core_i5\-7600k_firmware, Core_i5\-7600t_firmware, Core_i5\-7640x_firmware, Core_i5\-7y54_firmware, Core_i5\-7y57_firmware, Core_i5\-8250u_firmware, Core_i5\-8265u_firmware, Core_i5\-8300h_firmware, Core_i5\-8305g_firmware, Core_i5\-8350u_firmware, Core_i5\-8365u_firmware, Core_i5\-8400_firmware, Core_i5\-8400b_firmware, Core_i5\-8400h_firmware, Core_i5\-8400t_firmware, Core_i5\-8420_firmware, Core_i5\-8420t_firmware, Core_i5\-8500_firmware, Core_i5\-8500b_firmware, Core_i5\-8500t_firmware, Core_i5\-8550_firmware, Core_i5\-8600_firmware, Core_i5\-8600k_firmware, Core_i5\-8600t_firmware, Core_i5\-8650_firmware, Core_i5\-8650k_firmware, Core_i5\-9300h_firmware, Core_i5\-9400_firmware, Core_i5\-9400f_firmware, Core_i5\-9400h_firmware, Core_i5\-9600k_firmware, Core_i5\-9600kf_firmware, Core_i5_10110y_firmware, Core_i5_10210y_firmware, Core_i5_10310y_firmware, Core_i7\-6500u_firmware, Core_i7\-6510u_firmware, Core_i7\-6560u_firmware, Core_i7\-6567u_firmware, Core_i7\-6600u_firmware, Core_i7\-6650u_firmware, Core_i7\-6660u_firmware, Core_i7\-6700_firmware, Core_i7\-6700hq_firmware, Core_i7\-6700k_firmware, Core_i7\-6700t_firmware, Core_i7\-6700te_firmware, Core_i7\-6770hq_firmware, Core_i7\-6820eq_firmware, Core_i7\-6820hk_firmware, Core_i7\-6820hq_firmware, Core_i7\-6822eq_firmware, Core_i7\-6870hq_firmware, Core_i7\-6920hq_firmware, Core_i7\-6970hq_firmware, Core_i7\-7500u_firmware, Core_i7\-7510u_firmware, Core_i7\-7560u_firmware, Core_i7\-7567u_firmware, Core_i7\-7600u_firmware, Core_i7\-7640x_firmware, Core_i7\-7660u_firmware, Core_i7\-7700_firmware, Core_i7\-7700hq_firmware, Core_i7\-7700k_firmware, Core_i7\-7700t_firmware, Core_i7\-7740x_firmware, Core_i7\-7800x_firmware, Core_i7\-7820eq_firmware, Core_i7\-7820hk_firmware, Core_i7\-7820hq_firmware, Core_i7\-7820x_firmware, Core_i7\-7920hq_firmware, Core_i7\-7y75_firmware, Core_i7\-8550u_firmware, Core_i7\-8565u_firmware, Core_i7\-8569u_firmware, Core_i7\-8650u_firmware, Core_i7\-8665u_firmware, Core_i7\-8670_firmware, Core_i7\-8670t_firmware, Core_i7\-8700_firmware, Core_i7\-8700b_firmware, Core_i7\-8700k_firmware, Core_i7\-8700t_firmware, Core_i7\-8705g_firmware, Core_i7\-8706g_firmware, Core_i7\-8709g_firmware, Core_i7\-8750h_firmware, Core_i7\-8809g_firmware, Core_i7\-8850h_firmware, Core_i7\-9700k_firmware, Core_i7\-9700kf_firmware, Core_i7\-9750hf_firmware, Core_i7\-9850h_firmware, Core_i7_10510y_firmware, Core_i7_8500y_firmware, Core_i7_8550u_firmware, Core_i7_8559u_firmware, Core_i7_8560u_firmware, Core_i7_8565u_firmware, Core_i7_8650u_firmware, Core_i9\-10900x_firmware, Core_i9\-10920x_firmware, Core_i9\-10940x_firmware, Core_i9\-7900x_firmware, Core_i9\-7920x_firmware, Core_i9\-7940x_firmware, Core_i9\-7960x_firmware, Core_i9\-7980xe_firmware, Core_i9\-8950hk_firmware, Core_i9\-9800x_firmware, Core_i9\-9820x_firmware, Core_i9\-9880h_firmware, Core_i9\-9900k_firmware, Core_i9\-9900kf_firmware, Core_i9\-9900x_firmware, Core_i9\-9920x_firmware, Core_i9\-9940x_firmware, Core_i9\-9960x_firmware, Core_i9\-9980hk_firmware, Core_m3\-6y30_firmware, Core_m3\-7y30_firmware, Core_m5\-6y54_firmware, Core_m5\-6y57_firmware, Core_m7\-6y75_firmware, Pentium_4405u_firmware, Pentium_4405y_firmware, Pentium_4410y_firmware, Pentium_4415u_firmware, Pentium_4415y_firmware, Pentium_g4400_firmware, Pentium_g4400t_firmware, Pentium_g4400te_firmware, Pentium_g4420_firmware, Pentium_g4420t_firmware, Pentium_g4500_firmware, Pentium_g4500t_firmware, Pentium_g4520_firmware, Pentium_g4520t_firmware, Pentium_g4540_firmware, Pentium_g5400_firmware, Pentium_g5400t_firmware, Pentium_g5420_firmware, Pentium_g5420t_firmware, Pentium_g5500_firmware, Pentium_g5500t_firmware, Pentium_g5600_firmware, Xeon_3104_firmware, Xeon_3106_firmware, Xeon_3204_firmware, Xeon_3206r_firmware, Xeon_4108_firmware, Xeon_4109t_firmware, Xeon_4110_firmware, Xeon_4112_firmware, Xeon_4114_firmware, Xeon_4114t_firmware, Xeon_4116_firmware, Xeon_4116t_firmware, Xeon_4208_firmware, Xeon_4208r_firmware, Xeon_4209t_firmware, Xeon_4210_firmware, Xeon_4210r_firmware, Xeon_4214_firmware, Xeon_4214c_firmware, Xeon_4214r_firmware, Xeon_4214y_firmware, Xeon_4215_firmware, Xeon_4216_firmware, Xeon_4216r_firmware, Xeon_5115_firmware, Xeon_5118_firmware, Xeon_5119t_firmware, Xeon_5120_firmware, Xeon_5120t_firmware, Xeon_5122_firmware, Xeon_5215_firmware, Xeon_5215l_firmware, Xeon_5215m_firmware, Xeon_5215r_firmware, Xeon_5217_firmware, Xeon_5218_firmware, Xeon_5218b_firmware, Xeon_5218n_firmware, Xeon_5218t_firmware, Xeon_5220_firmware, Xeon_5220r_firmware, Xeon_5220s_firmware, Xeon_5220t_firmware, Xeon_5222_firmware, Xeon_6126_firmware, Xeon_6126f_firmware, Xeon_6126t_firmware, Xeon_6128_firmware, Xeon_6130_firmware, Xeon_6130f_firmware, Xeon_6130t_firmware, Xeon_6132_firmware, Xeon_6134_firmware, Xeon_6134m_firmware, Xeon_6136_firmware, Xeon_6138_firmware, Xeon_6138f_firmware, Xeon_6138t_firmware, Xeon_6140_firmware, Xeon_6140m_firmware, Xeon_6142_firmware, Xeon_6142f_firmware, Xeon_6142m_firmware, Xeon_6144_firmware, Xeon_6146_firmware, Xeon_6148_firmware, Xeon_6148f_firmware, Xeon_6150_firmware, Xeon_6152_firmware, Xeon_6154_firmware, Xeon_6222v_firmware, Xeon_6226_firmware, Xeon_6230_firmware, Xeon_6230n_firmware, Xeon_6230t_firmware, Xeon_6234_firmware, Xeon_6238_firmware, Xeon_6238l_firmware, Xeon_6238m_firmware, Xeon_6238t_firmware, Xeon_6240_firmware, Xeon_6240l_firmware, Xeon_6240m_firmware, Xeon_6240y_firmware, Xeon_6242_firmware, Xeon_6244_firmware, Xeon_6246_firmware, Xeon_6248_firmware, Xeon_6252_firmware, Xeon_6252n_firmware, Xeon_6254_firmware, Xeon_6262v_firmware, Xeon_8153_firmware, Xeon_8156_firmware, Xeon_8158_firmware, Xeon_8160_firmware, Xeon_8160f_firmware, Xeon_8160m_firmware, Xeon_8160t_firmware, Xeon_8164_firmware, Xeon_8168_firmware, Xeon_8170_firmware, Xeon_8170m_firmware, Xeon_8176_firmware, Xeon_8176f_firmware, Xeon_8176m_firmware, Xeon_8180_firmware, Xeon_8180m_firmware, Xeon_8253_firmware, Xeon_8256_firmware, Xeon_8260_firmware, Xeon_8260l_firmware, Xeon_8260m_firmware, Xeon_8260y_firmware, Xeon_8268_firmware, Xeon_8270_firmware, Xeon_8276_firmware, Xeon_8276l_firmware, Xeon_8276m_firmware, Xeon_8280_firmware, Xeon_8280l_firmware, Xeon_8280m_firmware, Xeon_9220_firmware, Xeon_9221_firmware, Xeon_9222_firmware, Xeon_9242_firmware, Xeon_9282_firmware, Xeon_e3\-1220_firmware, Xeon_e3\-1225_firmware, Xeon_e3\-1230_firmware, Xeon_e3\-1240_firmware, Xeon_e3\-1245_firmware, Xeon_e3\-1270_firmware, Xeon_e3\-1275_firmware, Xeon_e3\-1280_firmware, Xeon_e3\-1285_firmware, Xeon_e3\-1501l_firmware, Xeon_e3\-1501m_firmware, Xeon_e3\-1505l_firmware, Xeon_e3\-1505m_firmware, Xeon_e3\-1535m_firmware, Xeon_e\-2124_firmware, Xeon_e\-2124g_firmware, Xeon_e\-2134_firmware, Xeon_e\-2144g_firmware, Xeon_e\-2174g_firmware, Xeon_e\-2184g_firmware, Xeon_e\-2224_firmware, Xeon_e\-2224g_firmware, Xeon_e\-2234_firmware, Xeon_e\-2244g_firmware, Xeon_e\-2254me_firmware, Xeon_e\-2254ml_firmware, Xeon_e\-2274g_firmware, Xeon_e\-2284g_firmware, Xeon_w\-2123_firmware, Xeon_w\-2125_firmware, Xeon_w\-2133_firmware, Xeon_w\-2135_firmware, Xeon_w\-2145_firmware, Xeon_w\-2155_firmware, Xeon_w\-2175_firmware, Xeon_w\-2195_firmware, Xeon_w\-2223_firmware, Xeon_w\-2225_firmware, Xeon_w\-2235_firmware, Xeon_w\-2245_firmware, Xeon_w\-2255_firmware, Xeon_w\-2265_firmware, Xeon_w\-2275_firmware, Xeon_w\-2295_firmware, Xeon_w\-3223_firmware, Xeon_w\-3225_firmware, Xeon_w\-3235_firmware, Xeon_w\-3245_firmware, Xeon_w\-3245m_firmware, Xeon_w\-3265_firmware, Xeon_w\-3265m_firmware, Xeon_w\-3275_firmware, Xeon_w\-3275m_firmware, Leap 5.5
2020-01-29 CVE-2019-20444 HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold." Ubuntu_linux, Debian_linux, Fedora, Netty, Jboss_amq_clients, Jboss_enterprise_application_platform 9.1
2020-01-29 CVE-2019-20445 HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. Spark, Ubuntu_linux, Debian_linux, Fedora, Netty, Jboss_amq_clients, Jboss_enterprise_application_platform 9.1