Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-07-24 | CVE-2019-14250 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. | Ubuntu_linux, Binutils, Leap | 5.5 | ||
| 2019-07-30 | CVE-2019-14444 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. | Ubuntu_linux, Binutils, Hci_management_node, Solidfire, Leap | 5.5 | ||
| 2020-02-04 | CVE-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. | Ubuntu_linux, Active_iq_unified_manager, Python | 7.5 | ||
| 2019-03-29 | CVE-2019-10269 | BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file. | Burrow\-Wheeler_aligner, Ubuntu_linux | 9.8 | ||
| 2019-05-08 | CVE-2019-2054 | In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-119769499 | Ubuntu_linux, Android | 7.8 | ||
| 2019-07-04 | CVE-2019-13241 | FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. | Ubuntu_linux, Flightcrew | 7.8 | ||
| 2019-08-09 | CVE-2019-11041 | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | Mac_os_x, Ubuntu_linux, Debian_linux, Leap, Php, Software_collections, Tenable\.sc | 7.1 | ||
| 2019-08-09 | CVE-2019-11042 | When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. | Mac_os_x, Ubuntu_linux, Debian_linux, Leap, Php, Software_collections, Tenable\.sc | 7.1 | ||
| 2020-05-22 | CVE-2020-12397 | By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0. | Ubuntu_linux, Thunderbird | 4.3 | ||
| 2019-09-24 | CVE-2019-16729 | pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups. | Ubuntu_linux, Debian_linux, Pam\-Python | 7.8 |