Canonical Ubuntu Linux vulnerabilities

CVE-2019-14981 [MEDIUM] CWE-369 CVE-2019-14981: In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.

CVE-2019-11041 [HIGH] CWE-125 CVE-2019-11041: When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() functio When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

CVE-2019-11042 [HIGH] CWE-125 CVE-2019-11042: When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() functio When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

CVE-2019-14433 [MEDIUM] CWE-209 CVE-2019-14433: An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2 An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.

CVE-2019-14744 [HIGH] CWE-78 CVE-2019-14744: In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to cod In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.

CVE-2019-14763 [MEDIUM] CWE-667 CVE-2019-14763: In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potential In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.

CVE-2019-14494 [HIGH] CWE-369 CVE-2019-14494: An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function S An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

CVE-2019-14496 [HIGH] CWE-787 CVE-2019-14496: LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflo LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow.

CVE-2019-14497 [HIGH] CWE-787 CVE-2019-14497: ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow.

CVE-2019-14452 [HIGH] CWE-22 CVE-2019-14452: Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary fi Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.

CVE-2019-14464 [MEDIUM] CWE-787 CVE-2019-14464: XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow.

CVE-2019-10161 [HIGH] CWE-284 CVE-2019-10161: It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to u It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause

CVE-2019-14444 [MEDIUM] CWE-190 CVE-2019-14444: apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attacke apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.

CVE-2019-1020014 [MEDIUM] CWE-415 CVE-2019-1020014: docker-credential-helpers before 0.6.3 has a double free in the List functions. docker-credential-helpers before 0.6.3 has a double free in the List functions.

CVE-2019-13565 [HIGH] CVE-2019-13565: An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session en An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is re

CVE-2019-13057 [MEDIUM] CVE-2019-13057: An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator deleg An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or

CVE-2019-14250 [MEDIUM] CWE-190 CVE-2019-14250: An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_mat An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.

CVE-2019-2758 [MEDIUM] CVE-2019-2758: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versio Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauth

CVE-2019-2762 [MEDIUM] CVE-2019-2762: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Su

CVE-2019-2757 [MEDIUM] CVE-2019-2757: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Suppo Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can resul