Canonical » Ubuntu Linux » 20.04 lts : Security Vulnerabilities, CVEs, Published In 2019 CVSS score >= 7
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
Max CVSS
9.1
EPSS Score
0.33%
Published
2019-12-24
Updated
2022-10-31
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
Max CVSS
9.8
EPSS Score
0.93%
Published
2019-12-24
Updated
2022-10-31
FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
Max CVSS
9.8
EPSS Score
1.08%
Published
2019-10-14
Updated
2021-07-21
In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
Max CVSS
9.8
EPSS Score
2.04%
Published
2019-10-14
Updated
2021-06-10
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
Max CVSS
9.8
EPSS Score
0.63%
Published
2019-10-10
Updated
2021-11-30
libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.
Max CVSS
8.8
EPSS Score
1.17%
Published
2019-04-19
Updated
2022-10-07
6 vulnerabilities found