Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical ubuntu linux 18.10 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-8956
In the Linux Kernel prior to 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
4 Github repositories
7
CVSSv3
CVE-2018-16880
A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system pan...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
4.9
CVSSv3
CVE-2019-2566
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro...
Oracle Mysql
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
7.5
CVSSv3
CVE-2019-2632
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple p...
Oracle Mysql
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
9.8
CVSSv3
CVE-2019-5882
Irssi 1.1.x prior to 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.
Irssi Irssi
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
9.8
CVSSv3
CVE-2018-16840
A heap use-after-free flaw was found in curl versions from 7.59.0 up to and including 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulli...
Haxx Curl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
6.5
CVSSv3
CVE-2018-12402
The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and...
Mozilla Firefox
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
6.5
CVSSv3
CVE-2018-19149
Poppler prior to 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.
Freedesktop Poppler
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
7.5
CVSSv3
CVE-2019-11324
The urllib3 library prior to 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This ...
Python Urllib3
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
3 Github repositories
7.5
CVSSv3
CVE-2019-5747
An issue exists in BusyBox up to and including 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote malicious user to leak sensitive information from the stack by sending a crafted DHCP message. This is related...
Busybox Busybox
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »