Shodan
Vulnerabilities
Vulnerable Software
Canonical:  >> Ubuntu Linux  >> 18.10  Security Vulnerabilities
CVE-2018-20615
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.
CVSS Score
7.5
EPSS Score
0.001
Published
2019-03-21
CVE-2018-18849
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-03-21
CVE-2019-9718
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
CVSS Score
6.5
EPSS Score
0.019
Published
2019-03-12
CVE-2019-9721
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-03-12
CVE-2019-9637
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
CVSS Score
7.5
EPSS Score
0.073
Published
2019-03-09
CVE-2019-9638
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
CVSS Score
7.5
EPSS Score
0.101
Published
2019-03-09
CVE-2019-9639
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
CVSS Score
7.5
EPSS Score
0.104
Published
2019-03-09
CVE-2019-9640
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
CVSS Score
7.5
EPSS Score
0.093
Published
2019-03-09
CVE-2019-9641
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
CVSS Score
9.8
EPSS Score
0.368
Published
2019-03-09
CVE-2019-7175
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-03-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved