Canonical Ubuntu Linux vulnerabilities
4,102 known vulnerabilities affecting canonical/ubuntu_linux.
Total CVEs
4,102
CISA KEV
44
actively exploited
Public exploits
271
Exploited in wild
54
Severity breakdown
CRITICAL545HIGH1396MEDIUM1945LOW216
Vulnerabilities
Page 52 of 206
CVE-2019-13297HIGHCVSS 8.8v16.04v18.04+2 more2019-07-05
CVE-2019-13297 [HIGH] CWE-125 CVE-2019-13297: ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThre
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
nvd
CVE-2019-13295HIGHCVSS 8.8v16.04v18.04+2 more2019-07-05
CVE-2019-13295 [HIGH] CWE-125 CVE-2019-13295: ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThre
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
nvd
CVE-2019-13306HIGHCVSS 7.8v16.04v18.04+2 more2019-07-05
CVE-2019-13306 [HIGH] CWE-193 CVE-2019-13306: ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
nvd
CVE-2019-13307HIGHCVSS 7.8v16.04v18.04+2 more2019-07-05
CVE-2019-13307 [HIGH] CWE-787 CVE-2019-13307: ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImage
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
nvd
CVE-2019-13300HIGHCVSS 8.8v16.04v18.04+2 more2019-07-05
CVE-2019-13300 [HIGH] CWE-787 CVE-2019-13300: ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImage
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
nvd
CVE-2019-13311MEDIUMCVSS 6.5v16.04v18.04+2 more2019-07-05
CVE-2019-13311 [MEDIUM] CWE-401 CVE-2019-13311: ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
nvd
CVE-2019-13301MEDIUMCVSS 6.5v16.04v18.04+2 more2019-07-05
CVE-2019-13301 [MEDIUM] CWE-401 CVE-2019-13301: ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
nvd
CVE-2019-13309MEDIUMCVSS 6.5v16.04v18.04+2 more2019-07-05
CVE-2019-13309 [MEDIUM] CWE-401 CVE-2019-13309: ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchIm
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
nvd
CVE-2019-13310MEDIUMCVSS 6.5v16.04v18.04+2 more2019-07-05
CVE-2019-13310 [MEDIUM] CWE-401 CVE-2019-13310: ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/m
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
nvd
CVE-2019-13241HIGHCVSS 7.8v16.04v18.04+2 more2019-07-04
CVE-2019-13241 [HIGH] CWE-22 CVE-2019-13241: FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arb
FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
nvd
CVE-2019-13164HIGHCVSS 7.8v14.04v16.04+3 more2019-07-03
CVE-2019-13164 [HIGH] CVE-2019-13164: qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained f
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
nvd
CVE-2019-5051HIGHCVSS 8.8v16.04v18.042019-07-03
CVE-2019-5051 [HIGH] CWE-390 CVE-2019-5051: An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2_image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
nvd
CVE-2019-5052HIGHCVSS 8.8v16.04v18.042019-07-03
CVE-2019-5052 [HIGH] CWE-190 CVE-2019-5052: An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A
An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
nvd
CVE-2019-13135HIGHCVSS 8.8v16.04v18.04+2 more2019-07-01
CVE-2019-13135 [HIGH] CWE-908 CVE-2019-13135: ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUT
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
nvd
CVE-2019-12781MEDIUMCVSS 5.3v16.04v18.04+2 more2019-07-01
CVE-2019-12781 [MEDIUM] CWE-319 CVE-2019-12781: An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An H
An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTT
nvd
CVE-2019-13137MEDIUMCVSS 6.5v16.04v18.04+2 more2019-07-01
CVE-2019-13137 [MEDIUM] CWE-401 CVE-2019-13137: ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
nvd
CVE-2019-13117MEDIUMCVSS 5.3v12.04v14.04+4 more2019-07-01
CVE-2019-13117 [MEDIUM] CWE-908 CVE-2019-13117: In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitiali
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
nvd
CVE-2019-13118MEDIUMCVSS 5.3v12.04v14.04+4 more2019-07-01
CVE-2019-13118 [MEDIUM] CWE-843 CVE-2019-13118: In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
nvd
CVE-2019-13110MEDIUMCVSS 6.5v16.04v18.04+2 more2019-06-30
CVE-2019-13110 [MEDIUM] CWE-125 CVE-2019-13110: A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allow
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file.
nvd
CVE-2019-13112MEDIUMCVSS 6.5v16.04v18.04+2 more2019-06-30
CVE-2019-13112 [MEDIUM] CWE-770 CVE-2019-13112: A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attac
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.
nvd