Canonical Ubuntu Linux vulnerabilities

CVE-2019-3823 [HIGH] CWE-125 CVE-2019-3823: libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the cod libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read conten

CVE-2018-20760 [HIGH] CWE-787 CVE-2018-20760: In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a al In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.

CVE-2018-16890 [HIGH] CWE-125 CVE-2018-16890: libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could tr

CVE-2018-20762 [HIGH] CWE-119 CVE-2018-20762: GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files functio GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.

CVE-2018-20761 [HIGH] CWE-119 CVE-2018-20761: GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function i GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.

CVE-2018-20763 [HIGH] CWE-787 CVE-2018-20763: In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a al In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.

CVE-2019-3820 [MEDIUM] CWE-285 CVE-2019-3820: It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict a It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.

CVE-2019-3825 [MEDIUM] CWE-287 CVE-2019-3825: A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, a A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.

CVE-2018-18502 [CRITICAL] CWE-119 CVE-2018-18502: Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 65.

CVE-2018-18500 [CRITICAL] CWE-416 CVE-2018-18500: A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML e A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

CVE-2018-18504 [CRITICAL] CWE-125 CVE-2018-18504: A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is st A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affects Firefox < 65.

CVE-2018-18501 [CRITICAL] CWE-119 CVE-2018-18501: Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firef Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox <

CVE-2018-18505 [CRITICAL] CVE-2018-18505: An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authenti An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later chann

CVE-2019-7396 [HIGH] CWE-401 CVE-2019-7396: In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.

CVE-2019-7398 [HIGH] CWE-401 CVE-2019-7398: In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.

CVE-2019-7395 [HIGH] CWE-401 CVE-2019-7395: In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.

CVE-2019-7397 [HIGH] CWE-401 CVE-2019-7397: In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in Writ In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.

CVE-2018-18503 [HIGH] CWE-119 CVE-2018-18503: When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash ma When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.

CVE-2018-11803 [HIGH] CWE-824 CVE-2018-11803: Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after d Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.

CVE-2018-18506 [MEDIUM] CVE-2018-18506: When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file o When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attack