Canonical: Security Vulnerabilities
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
CVSS Score
9.8
EPSS Score
0.01
Published
2020-01-03
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
CVSS Score
7.1
EPSS Score
0.005
Published
2020-01-03
Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
CVSS Score
7.8
EPSS Score
0.002
Published
2020-01-02
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.
CVSS Score
7.5
EPSS Score
0.009
Published
2020-01-02
The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.012
Published
2019-12-31
In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-30
The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-12-30
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.
CVSS Score
4.4
EPSS Score
0.001
Published
2019-12-26
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.
CVSS Score
4.7
EPSS Score
0.001
Published
2019-12-25
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-12-24